This guide will walk you through installing CSF on a VPS/Dedicated server.
Preparing the server
After logging in via SSH (as root!) we will need to download the CSF firewall itself, let's make a temporary directory called "tmp" first and then move into it and download latest version of CSF:
mkdir tmp cd tmp wget http://configserver.com/free/csf.tgz
Once CSF is downloaded, we will need to extract the archive containing it and move into the directory it creates:
tar xf csf.tgz cd csf
We are now ready to install CSF.
Installing CSF on a server with cPanel
CSF includes integration with control panels such as cPanel, in order to install it for a cPanel based server, we would execute the install script that is meant for cPanel.
Installing CSF on a server without cPanel
If you do not have cPanel on your server and would still like to install CSF, you can certainly do so. Execute the following command:
Configuring CSF - allowing ports
Configuring your firewall is required for it to function correctly. Let's open the CSF configuration file:
To turn the firewall on, inside the editor, navigate down until you see TESTING="1" and change it to TESTING="0".
All blocks are commented inside (a comment is a line that starts with a #) for you to understand what each section does, for example to add a incoming TCP port to the allow list, we would edit this variable:
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
To allow incoming MySQL connections we would add 3306 to the list:
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,3306"
When you make the changes, hit CTRL+X to exit the editor and press Y when it asks you if you want to overwrite the file.
You can find more info on the subject on the official website here: http://configserver.com/cp/csf.html