How to Install CSF on AnonVM: A Complete Guide

How to Install CSF on AnonVM: A Complete Guide

CSF (ConfigServer Security & Firewall) is a popular security tool that helps secure your server by configuring a powerful firewall. It works with iptables to filter incoming and outgoing traffic and provides additional features like login and brute-force attack protection. If you're hosting your server on AnonVM, it's crucial to use CSF to bolster your server's security. This guide walks you through the installation and configuration of CSF on your AnonVM server.

Prerequisites

Before proceeding with the installation, make sure you have the following:

  • A VPS or Dedicated Server: Using AnonVM for secure, offshore hosting.
  • A Linux-based OS: This guide assumes you are using a Debian-based (Ubuntu/Debian) or CentOS system.
  • Root/Sudo Access: You need root or sudo privileges to install software and configure your firewall.

Step 1: Update Your System

Before installing CSF, it’s a good idea to update your system's packages to ensure everything is up-to-date:

For Ubuntu/Debian-based systems:

sudo apt update sudo apt upgrade -y

For CentOS-based systems:

sudo yum update -y

Step 2: Install Required Dependencies

CSF requires some dependencies to be installed before it can be set up. Install these dependencies using the following commands:

For Ubuntu/Debian-based systems:

sudo apt install libwww-perl liblwp-protocol-https-perl -y

For CentOS:

sudo yum install perl-libwww-perl perl-LWP-Protocol-https -y

Step 3: Download and Install CSF

CSF can be easily downloaded from its official GitHub repository. Run the following commands to download and install CSF:

cd /usr/local/src sudo wget https://download.configserver.com/csf.tgz sudo tar -xvzf csf.tgz cd csf sudo sh install.sh

Step 4: Test if CSF is Installed Correctly

After the installation, check whether CSF was installed correctly by running:

sudo csf -v

This will display the version of CSF installed on your server. If you see the version number, the installation was successful.

Step 5: Configure CSF

  1. Open the CSF Configuration File:

    CSF configuration is controlled through the /etc/csf/csf.conf file. You can open it with any text editor. For example:

     
    sudo nano /etc/csf/csf.conf
  2. Enable CSF:

    Find the following line and set it to 1 to enable CSF:

     
    TESTING = "0"

    Change TESTING to 0 (This disables the testing mode and enables the firewall).

  3. Set the Allowed IPs:

    To ensure you don’t lock yourself out, add your IP address to the allowed list. Search for the ALLOWIP section in the csf.conf file and add your IP like this:

     
    ALLOWIP = "your-ip-address"
  4. Configure Port Settings:

    CSF comes preconfigured to block most ports. If you’re running specific services like SSH, you need to open the port. Find the line that says TCP_IN and TCP_OUT and modify them to include ports like 22 (for SSH) or other services you may use:

     
    TCP_IN = "22,80,443" TCP_OUT = "22,80,443"

    This will allow SSH, HTTP, and HTTPS traffic. Add any other ports you want to open for your server.

Step 6: Restart CSF

Once you’ve made the necessary changes, restart CSF to apply the new configurations:

sudo csf -r

This command restarts the firewall and applies the configuration changes.

Step 7: Enable LFD (Login Failure Daemon)

CSF comes with LFD, a daemon that provides protection against brute-force login attempts, malware, and other types of attacks. To enable LFD, edit the configuration file (/etc/csf/csf.conf) and set:

LF_DAEMON = "1"

This will enable LFD and improve your server’s overall security by blocking IPs that exhibit malicious behavior.

Step 8: Check CSF and LFD Status

To verify that CSF and LFD are running properly, use the following commands:

sudo csf -l

This will show you the current IP list and blocked IPs.

For LFD status, use:

sudo lfd -status

Step 9: Additional Configuration Options

  • Blocking IPs: To manually block an IP address, use the following command:

     
    sudo csf -d ip-address "Reason for block"
  • Unblocking IPs: To unblock an IP, use:

     
    sudo csf -u ip-address

Step 10: Review CSF Logs

CSF keeps logs of its activities in /var/log/lfd.log and /var/log/csf.log. You can monitor these logs to see what’s happening with your firewall:

sudo tail -f /var/log/lfd.log

This will show you any login attempts, blocked IPs, and other activities related to the firewall.

Step 11: Set Up Email Notifications

CSF can send you email alerts when specific events occur, like failed login attempts. To configure email notifications, edit the csf.conf file and configure the following parameters:

LF_ALERT_TO = "[email protected]"

This will send alerts to the specified email address.

Conclusion

By following these steps, you have successfully installed and configured CSF (ConfigServer Security & Firewall) on your AnonVM server. CSF provides robust security, helping to safeguard your server from unauthorized access and malicious attacks. By leveraging LFD, it adds an extra layer of protection by monitoring login attempts and blocking IPs exhibiting suspicious behavior.

Regularly check your CSF and LFD logs, and update the firewall rules as needed to keep your server secure. CSF is highly configurable and works great with any AnonVM hosting solution, offering the peace of mind that your server is safe from common threats.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Powered by WHMCompleteSolution