Search Our Database
How to install ConfigServer Security and Firewall (csf) in Almalinux
This is a guide on how to install csf in Almalinux.
Step 1: Login to your Almalinux’s server first
Step 2: Once login, make sure to run the command below to ensure all the application on your server is up-to-date
sudo dnf update
Step 3: After all the apps are updated, you would need to install dependencies that csf required.
sudo dnf install perl-libwww-perl perl-Math-BigInt wget
Step 4: You’ll need to download the CSF files to the correct directories in the server. So first you would need to navigate to the following using the cd command. Afterwards, download the csf files by using the wget command.
cd /usr/src
wget https://download.configserver.com/csf.tgz
Step 5: Extract the csf files by running the command tar, if you don’t have tar installed in the server, please install it by running [sudo dnf install tar]. Then, navigate in the csf directories.
tar xzf csf.tgz
cd csf
Step 6: Now you can install csf in the server with running the commands:
sh install.sh
perl /usr/local/csf/bin/csftest.pl
You should see the following output:
[root@cert csf]# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter…OK
Testing ipt_LOG…OK
Testing ipt_multiport/xt_multiport…OK
Testing ipt_REJECT…OK
Testing ipt_state/xt_state…OK
Testing ipt_limit/xt_limit…OK
Testing ipt_recent…OK
Testing xt_connlimit…OK
Testing ipt_owner/xt_owner…OK
Testing iptable_nat/ipt_REDIRECT…OK
Testing iptable_nat/ipt_DNAT…OK
RESULT: csf should function on this server
Step 7: You need to configure the csf’s config file in order for the csf to work. Open the config file by running either vi or vim or nano, depending on which editor installed in the server. For this example, we will use vi:
vi /etc/csf/csf.conf
Then, change TESTING = ‘1’ to TESTING = ‘0’. Without changing these, the daemon would fail to start.You can also allow incoming and outgoing port in the config file. You can do these afterwards as well.
Step 8: After you are done with the configuration of the config file, you need to restart and enable csf.
systemctl restart csf && systemctl restart lfd
systemctl enable csf && systemctl enable lfd
systemctl status csf && systemctl status lfd
Run the command below to check the version installed:
csf -v
There you go! The csf is now all set in the server. You can run the command below to know how to use csf command in the server.
man csf