{"id":794,"date":"2024-11-07T08:08:37","date_gmt":"2024-11-07T08:08:37","guid":{"rendered":"https:\/\/blog.trustedhosting.in\/?p=794"},"modified":"2026-04-14T13:18:15","modified_gmt":"2026-04-14T13:18:15","slug":"how-to-install-csf-firewall-via-whm-cpanel","status":"publish","type":"post","link":"https:\/\/www.webystrata.com\/blog\/how-to-install-csf-firewall-via-whm-cpanel\/","title":{"rendered":"How to Install CSF Firewall via WHM\/cPanel?"},"content":{"rendered":"

\"How<\/a>
\nHow to Install CSF Firewall via WHM\/cPanel?<\/h1>\n

Config Server Firewall<\/strong> or CSF is a Stateful Packet Inspection (SPI) firewall that is a powerful and must-install application that you can install via WHM on cPanel. It works as a system for intrusion detection and a prime security application for your Linux server. As a security tool, CSF protects your server<\/a> against various common threats such as brute force attacks while improving the overall server security.<\/p>\n

The CSF application is also available for other control panel applications to install and deploy.<\/p>\n

To Install CSF Firewall<\/h2>\n

To install CSF on cPanel, you have to use your server\u2019s SSH access.<\/p>\n

1. Log in to the WHM panel with the root account.<\/p>\n

2. Select the\u00a0Server Configuration<\/strong>\u00a0option from the navigation menu.<\/p>\n

\"\"<\/p>\n

3. Click on\u00a0Terminal<\/strong>\u00a0to open the WHM terminal window.<\/p>\n

\"\"<\/p>\n

4. Copy\/enter this code in the\u00a0Terminal<\/strong>\u00a0window.<\/p>\n

cd \/usr\/local\/src\/\r\nwget https:\/\/download.configserver.com\/csf.tgz\r\ntar -xzf csf.tgz\r\ncd csf\r\nsh install.sh<\/pre>\n
WHM will run the command and automatically download the compatible version of CSF for cPanel.<\/p>\n
\"\"<\/p>\n
5. Press\u00a0Enter<\/strong>\u00a0to run the installation.<\/p>\n
The WHM panel will begin the installation process of the CSF application and display a success message for the completed installation.<\/p>\n
Once you install the CSF application, you will have to configure it.<\/p>\n
To Configure the CSF\u00a0Firewall<\/h2>\n
1. Go back to the\u00a0Home<\/strong>\u00a0of your WHM dashboard and select the\u00a0Plugins<\/strong>\u00a0option from the navigation menu.<\/p>\n
\"\"<\/p>\n
\"How
How to Install CSF Firewall via WHM\/cPanel?<\/figcaption><\/figure>\n
2. Here, you will see the option\u00a0ConfigServer Security & Firewall.<\/strong>\u00a0Click on it.<\/p>\n
Here, you will find a variety of options to\u00a0configure the\u00a0ConfigServer Security & Firewall\u00a0<\/strong>application.<\/p>\n
3. Click on the\u00a0csf<\/strong>\u00a0tab.<\/p>\n
4. Scroll down a little to the\u00a0csf \u2013 ConfigServer Firewall<\/strong>\u00a0section and click on the\u00a0Firewall Configuration<\/strong>\u00a0button.<\/p>\n
\"\"<\/p>\n
You will find all the options for the firewall configurations. We will see a quick rundown on the important settings to get you started.<\/p>\n
\n
1. Settings for Port Filtering Configuration \u2013 IPv4 Port<\/h3>\n
For the IPv4 Port, you will notice these ports as open by default:<\/p>\n
    \n
  • TCP_IN = \u201c20,21,22,25,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,26\u201d<\/li>\n
  • TCP_OUT = \u201c20,21,22,25,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703\u201d<\/li>\n
  • UDP_IN 20,21,53<\/li>\n
  • UDP_OUT 20,21,53,113,123,873,6277\"\"<\/li>\n<\/ul>\n
    Once you have changed your SSH port number, add this new port on the\u00a0IPv4 Port Settings<\/strong>\u00a0and\/or\u00a0IPv6 Port Settings<\/strong>. You can also\u00a0add a specific port for a newly\u00a0installed application on the server from\u00a0this section.<\/p>\n
    We recommend the users who deploy the R1soft\/Idera external backup solution to allow the inbound traffic for TCP port 1167 in the port TCP_IN section.<\/p>\n
    \n
    2. Activate the Syslog Monitoring<\/h3>\n
    Scroll down to the\u00a0General Settings<\/strong>\u00a0section and set the\u00a0SYSLOG_CHECK<\/strong>\u00a0 to\u00a01800<\/strong>.
    \n\"\"<\/p>\n
    3. Activate the Detection of Suspicious Processes<\/h3>\n
    Scroll down to the\u00a0Process Tracking<\/strong>\u00a0section.<\/p>\n
      \n
    • Set \u201cPT_ALL_USERS<\/strong>\u201d to \u201cON<\/strong>\u201c<\/li>\n
    • Set \u201cPT_DELETED<\/strong>\u201d to \u201cON<\/strong>\u201c<\/li>\n
    • \"\"<\/li>\n<\/ul>\n
      4. Activate Spam Protection and Detection of Suspicious Emails<\/h3>\n
      With CSF, you can secure your server from spams and bulk email activity.<\/p>\n
        \n
      • Scroll down to the\u00a0SMTP Settings<\/strong>\u00a0section.<\/li>\n
      • Switch the\u00a0SMTP_BLOCK<\/strong>\u00a0to\u00a0On<\/strong>.<\/li>\n
      • \"\"<\/li>\n
      • Scroll down to the\u00a0Login Failure Blocking and Alerts<\/strong>\u00a0section<\/li>\n
      • Locate the\u00a0LF_SCRIPT_LIMIT<\/strong>\u00a0and set it to\u00a0250<\/strong>. It will detect the scripts sending more than 250 emails in an hour.<\/li>\n
      • Switch the\u00a0LF_SCRIPT_ALERT<\/strong>\u00a0to\u00a0On<\/strong>. It will alert the system administrator via email when the\u00a0LF_SCRIPT_LIMIT\u00a0<\/strong>is breached.<\/li>\n<\/ul>\n
        \"\"<\/p>\n
        5. Save the Changes and Confirm the Status<\/h3>\n
          \n
        • Scroll down to the end of the page and click the\u00a0Change<\/strong>\u00a0button.\"\"<\/li>\n
        • It will save the configurations you made to the firewall application.
          \n
          \n
            \n
          • Click the\u00a0Restart csf+isd<\/strong>\u00a0button. It will restart the csf and isd and apply your firewall configurations.<\/li>\n<\/ul>\n
            \"\"<\/p><\/blockquote>\n
            Click the\u00a0Return<\/strong>\u00a0button to go back to the main dashboard of the\u00a0ConfigServer Security & Firewall\u00a0<\/strong>application.<\/p>\n
            After confirming that you have made all the necessary configurations, you need to:<\/p>\n
            \n
            Disable Testing<\/h3>\n
            Currently, your CSF application is running in the\u00a0Test Mode<\/strong>. You have to deactivate the mode.<\/p>\n
              \n
            • Reaccess the\u00a0csf \u2013 ConfigServer Firewall<\/strong>\u00a0section and click the\u00a0Firewall Configuration<\/strong>\u00a0button.<\/li>\n
            • Locate the\u00a0TESTING<\/strong>\u00a0option in the\u00a0Initial Settings<\/strong>\u00a0section.<\/li>\n
            • Click on the\u00a0Off<\/strong>\u00a0switch.\"\"<\/li>\n<\/ul>\n
              Again, you have to repeat the\u00a0process to save the configurations. Click the\u00a0Change<\/strong>\u00a0button, and then\u00a0the\u00a0Restart csf+isd<\/strong>\u00a0button.<\/p>\n
              With it, you will have successfully installed and activated the\u00a0CSF Firewall on your cPanel account.<\/p><\/blockquote>\n<\/li>\n<\/ul>\n<\/blockquote>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"
              How to Install CSF Firewall via WHM\/cPanel? Config Server Firewall or CSF is a Stateful Packet Inspection (SPI) firewall that…<\/p>\n","protected":false},"author":1,"featured_media":11505,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,9,3],"tags":[],"class_list":["post-794","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cpanel-complete-tutorials","category-linux","category-whm-panel"],"_links":{"self":[{"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/posts\/794","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/comments?post=794"}],"version-history":[{"count":2,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/posts\/794\/revisions"}],"predecessor-version":[{"id":11506,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/posts\/794\/revisions\/11506"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/media\/11505"}],"wp:attachment":[{"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/media?parent=794"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/categories?post=794"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.webystrata.com\/blog\/wp-json\/wp\/v2\/tags?post=794"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}