Cantech Knowledge Base

Your Go-To Hosting Resource

  1. Linux
  2. How to Install csf ubuntu 20.04?

How to Install csf ubuntu 20.04?

ConfigServer Security & Firewall, usually called CSF, is a well known security tool for Linux servers. It serves as an SPI firewall, an intrusion detection system or a security app in one. CSF helps secure servers from risks like brute force attacks, unauthorized access or harmful actions. It lets administrators set rules to block or allow traffic by IP addresses, ports or protocols. CSF works with control panels like cPanel, DirectAdmin or Webmin, which simplifies tasks for admins. It offers extra features such as real time monitoring, process tracking or alerts for suspicious events making it a prime choice for web server security. This blog explains how to install, configure besides use CSF on Ubuntu 20.04

Set up Ubuntu Server

  • Set up a new Ubuntu 20.04 Vultr VPS instance
  • Log in to the server via SSH as root.
  • Follow our best practice guides to update the Ubuntu server.

Csf Installation

Step 1: Update System Packages

Ensure all existing packages are up-to-date

sudo apt update && sudo apt upgrade -y

Step 2: Install Required Dependencies

CSF requires several Perl modules and other utilities

sudo apt install -y perl libwww-perl liblwp-protocol-https-perl iptables libio-socket-inet6-perl libsocket6-perl unzip sendmail-bin

Step 3: Download and Install CSF

Navigate to the /usr/src directory, download, and install CSF:

cd /usr/src/
sudo wget https://download.configserver.com/csf.tgz
sudo tar -xzf csf.tgz
cd csf
sudo sh install.sh

Step 4: Verify Installation

Check that all required iptables modules are present:

sudo perl /usr/local/csf/bin/csftest.pl

If the output indicates that CSF should function correctly, proceed.

Step 5: Configure CSF

By default, CSF operates in testing mode. To disable this

sudo nano /etc/csf/csf.conf

Locate the line

TESTING = "1"

Change it to

TESTING = "0"

Additionally, to restrict syslog access to specific group members, find

RESTRICT_SYSLOG = "0"

Change it to

RESTRICT_SYSLOG = "3"

Save and exit the editor.

Step 6: Restart CSF and LFD

Apply the configuration changes

sudo csf -r
sudo systemctl restart lfd

Step 7: Manage Firewall Rules

Allow an IP Address

sudo csf -a 192.168.1.100

Deny an IP Address

sudo csf -d 203.0.113.45

Remove an IP from Allow List

sudo csf -ar 192.168.1.100Remove an IP from Deny List

Remove an IP from Deny List

sudo csf -dr 203.0.113.45

Step 8: Configure Ports

To specify which ports are open

sudo nano /etc/csf/csf.conf

Modify the following lines as needed

TCP_IN = "22,80,443"
TCP_OUT = "22,80,443"
UDP_IN = "53"
UDP_OUT = "53,123"

Ensure that the ports required for your services are included.

Step 9: Restart CSF to Apply Changes

After making configuration changes

sudo csf -r

Step 10: Verify CSF Status

To check the status and version of CSF

sudo csf -v
sudo csf -l

For more detailed information and advanced configurations, refer to the official CSF documentation.

By following these steps, CSF will be installed and configured on your Ubuntu 20.04 LTS system, enhancing its security.

March 19, 2025