[CSF] ConfigServer Security & Firewall installation on Webmin

ValentineValentine Administrator


ConfigServer Security & Firewall (CSF) is a suite of scripts provides:
  • A straight-forward SPI iptables firewall script;
  • A daemon process that checks for Login Authentication;
  • A Control Panel configuration interface;
  • ... and much more!
The tutorial was prepared with our "CentOS 6 + Webmin" template and is meant to work on our self-managed virtual private servers.

0. Preliminary requirements:
"CentOS 6 + Webmin" template installed on server;
"perl-libwww-perl" installed on the server (yum install perl-libwww-perl -y);
Fully updates server software (yum update).

1. CSF installation

Installation of CSF is quite straightforward:

cd /usr/src

wget https://download.configserver.com/csf.tgz

tar -xzf csf.tgz

cd csf

sh install.sh

2. CSF module installation in Webmin

CSF module installation is done through Webmin interface so first you should log in to you Webmin instance. By default the address is:

http://your-server-ip:10000

After successfully login you should select "Webmin" and "Webmin Configuration":


In "Webmin Configuration" select "Webmin Modules":



In "Webmin modules" select "From local files" and specify the path to module archive and isntall module.
/usr/local/csf/csfwebmin.tgz


NOTE: if you are using "Authentic Theme 18.10" you should remove "csf.min.js" file because of a bug:

rm /usr/libexec/webmin/authentic-theme/extensions/csf.min.js -f

3. CSF configuration

After successfully installation you can now configure your ConfigServer Security & Firewall. Select "System" and "ConfigServer Security & Firewall" in your Webmin instance:



You should now see that there is two notices that we need to take care of. So select "ConfigServer Firewall" and then select "Firewall Configuration":



First we will turn of testing mode:



And then we should restrict syslog/rsyslog access:



After these changes press the button "Change" at the bottom of the page and "Restart csf+lfd" afterwards.

That it, now you have fully working ConfigServer firewall. For more information regarding CSF please visit their Read me page.
Sign In or Register to comment.