How to Install CSF on Ubuntu Server

ConfigServer Security & Firewall (CSF) is a popular, free, and feature-rich security suite for Linux servers. This tutorial will guide you through the process of how to install CSF on Ubuntu server, helping you to protect your server against various threats.

How to Install CSF on Ubuntu Server.

Prerequisites

Before installing CSF, make sure your Ubuntu server is up to date:

sudo apt update
sudo apt upgrade

Ensure that you have the necessary tools for building and installing CSF:

sudo apt install -y wget tar perl libwww-perl

Download and Install CSF

First, download the latest CSF archive using wget:

wget https://download.configserver.com/csf.tgz

Next, extract the downloaded archive:

tar -xzf csf.tgz

Now, navigate to the extracted directory and install CSF:

cd csf
sudo sh install.sh

Configure CSF

Before enabling CSF, you’ll want to test if it’s compatible with your server:

sudo perl /usr/local/csf/bin/csftest.pl

If everything is fine, you’ll see the message “RESULT: csf should function on this server.”

To configure CSF, open the configuration file with a text editor like nano:

sudo nano /etc/csf/csf.conf

Look for the line that says TESTING = "1" and change it to TESTING = "0":

TESTING = "0"

Save the file and exit the text editor.

Enable and Start CSF

Enable and start CSF and its login failure daemon (LFD) service by running the following commands:

sudo systemctl enable csf
sudo systemctl enable lfd
sudo systemctl start csf
sudo systemctl start lfd

Configure Firewall Rules (Optional)

You may want to configure specific firewall rules to allow or deny specific IP addresses, ports, or services. To do this, open the CSF configuration file again:

sudo nano /etc/csf/csf.conf

Look for the following sections to configure rules:

• TCP_IN: Incoming TCP ports
• TCP_OUT: Outgoing TCP ports
• UDP_IN: Incoming UDP ports
• UDP_OUT: Outgoing UDP ports

For example, to allow incoming traffic on ports 80 and 443, add them to the TCP_IN line:

TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"

Save the file and exit the text editor. Finally, restart CSF for the changes to take effect:

sudo systemctl restart csf

Conclusion

Congratulations! You’ve successfully installed and configured CSF on your Ubuntu server. CSF is an essential security tool to protect your server from various threats. For more information on CSF features and configuration, consult the official CSF documentation.

Explore more about Ubuntu server administration and security with our other guides:

• How to Set Up a Web Server on Ubuntu Using Nginx
• How to Secure Ubuntu System with Firewall and AppArmor Policies