How to install ConfigServer Security & Firewall -CSF on Almalinux

In this guide, we will walk you through the step-by-step process of installing CSF on AlmaLinux, ensuring that your system is fortified against potential threats. Every system administrator has a responsibility to protect their server from potential attacks and vulnerabilities. ConfigServer Security & Firewall (CSF) is a strong tool that can assist in enhancing the security of your server.

Chapter 1: Understanding CSF

Let’s clarify what CSF is and why it’s important for server security before moving on to the installation procedure.

What is CSF?

ConfigServer Security & Firewall, or CSF for short, is a strong and free security utility created to give your Linux server extra safety. It serves as a user interface for Linux’s built-in iptables firewall control program. CSF offers a variety of security capabilities while making it easier to configure and manage the firewall rules on your server.

Why CSF on Almalinux?

  1. Firewall Management: CSF makes it easier to manage iptables rules, simplifying complex configurations.
  2. Intrusion Detection: It includes a robust intrusion detection system (IDS) that helps identify and block suspicious activities.
  3. Login Failure Detection: CSF monitors login attempts and can automatically block IP addresses that repeatedly fail authentication.
  4. Real-time Alerts: You can configure CSF to send real-time alerts about security events to your email, keeping you informed.
  5. User-Friendly: It comes with an intuitive web-based user interface (UI) for easy configuration.

Now that you understand the significance of CSF, let’s proceed to the installation process.

Chapter 2: Preparing Your AlmaLinux Server

Before we install CSF on AlmaLinux, it’s important to ensure that your server is up to date and meets the necessary requirements.

Update Your System

Start by connecting to your AlmaLinux server using SSH. Once connected, update your system’s package repository and installed packages:

dnf update

This command will upgrade any out-of-date packages on your system and retrieve the most recent package information.

Check for Required Dependencies

There are a few prerequisites for CSF on AlmaLinux that must be installed on your system. Make sure the upcoming packages are set up:

sudo dnf install perl-libwww-perl unzip net-tools iptables firewalld perl-CPAN tar nano -y

These packages are essential for CSF’s proper functioning.

Chapter 3: Downloading and Installing CSF

With your system prepared, let’s move on to the installation process.

Download CSF

You can download the latest version of CSF on AlmaLinux from the official website or directly via command-line. Here, we will use the command-line method:

sudo wget https://download.configserver.com/csf.tgz

Extract the Archive

Once the download is complete, extract the CSF on AlmaLinux archive:

sudo tar xzf csf.tgz

Install CSF on Almalinux

Navigate to the extracted directory:

cd csf

Now, install CSF on AlmaLinux using the installation script:

sudo sh install.sh
How to install CSF on Almalinux

Chapter 4: Configuring CSF

After a successful installation, CSF’s default configuration is ready to use. However, it’s essential to review and adjust the settings to meet your specific security requirements.

Accessing CSF’s Configuration File

You can edit CSF’s configuration file using any text editor. In this example, we’ll use nano:

sudo nano /etc/csf/csf.conf

The first step is to disable the testing mode by changing the values to 0 and restart the CSF on AlmaLinux using the following command csr -r


Configuration Options

a. Firewall Configuration

  • TCP_IN and TCP_OUT: These options allow you to specify which incoming and outgoing ports should be open. Review and update these to match your server’s services.
How to install CSF on Almalinux

b. Intrusion Detection System (IDS)

  • LF_TRIGGER_PERM: Adjust the number of login failures required to trigger a permanent IP block.
  • LF_SSHD: Configure settings related to SSH login failures.

c. Email Alerts

  • LF_ALERT_TO: Set the email address to receive CSF alerts.
  • LF_ALERT_FROM: Set the email address from which alerts will be sent.

Make changes as needed, and save the file.

Restart CSF

Restart CSF on AlmaLinux after making changes to the configuration file for the new settings to take effect:

sudo csf -r

Chapter 5: Basic CSF Commands

Now that you have CSF installed and configured, let’s explore some basic commands to manage your firewall and monitor security events.

Starting and Stopping CSF

You can start CSF with the following command:

sudo csf -s

To stop CSF, use:

sudo csf -x

Checking the Status

To check the status of CSF and its associated services, use:

sudo csf -status

Allowing and Blocking IPs

To allow an IP address through the firewall, use:

sudo csf -a IP_ADDRESS

To block an IP address, use:

sudo csf -d IP_ADDRESS

Chapter 6: Monitoring and Alerts

CSF provides valuable insights into your server’s security through its monitoring and alerting features.

Viewing Logs

CSF logs can help you track and analyze security events. The primary log file is located at /var/log/lfd.log. You can view the log in real-time using:

sudo tail -f /var/log/lfd.log

Final Thoughts

In conclusion, ConfigServer Security & Firewall (CSF) is an invaluable tool for enhancing the security of your AlmaLinux server. By following this comprehensive guide, you have successfully installed and configured CSF, providing an additional layer of defense against potential threats. Regularly monitor CSF logs and stay informed about security events to ensure the ongoing protection of your server.

Remember that server security is an ongoing process. Keep CSF updated and adapt its settings to evolving threats, ensuring that your server remains secure.

We hope this guide has been helpful in strengthening your server’s security.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.