ManagedCloud Servers

High performance handled and monitored by us 24/7/365. A complete solution to provide you with our in house expertise 24/7 tailored to your specific needs. We'll setup a bespoke server for your site using the latest tehnologies so you can get the most out of your hardware and get your website loading quickly and reliably. Find out more..

cPanelCloud Servers

Recommended - High performance cloud servers with no technical knowledge required. If you're hosting multiple websites already and you're looking to consolidate, or if you're looking to isolate yourself from the shared hosting environment but you don't have the time or knoweldge to manage a server, then the Managed cPanel Servers are for you. Find out more..

UnmanagedCloud Servers

Our unmanaged range gives you complete control at rock bottom prices and our cloud platform boasts super fast multipath 40Gb/s network, the latest Intel Xeon V3 CPUs and enterprise grade redundant SSDs. If you're a sysadmin look no further, we offer some of the best specification to price ratio servers available. Find out more..

Want your very own server? Get our 1GB memory, Xeon V4, 20GB SSD VPS for £10.00 / month.

Get a Cloud Server

How to Install and Configure CSF on CentOS 7

CSF (Config Server Firewall) is a firewall configuration script created to provide better security for your server while giving you an easy to use, advanced interface for managing your firewall settings. CSF configures your server’s firewall to lock down public access to services and only allow certain connections, such as logging in to FTP, checking your email, or loading your websites which makes your server more secure. CSF can detect when someone is logging into the server via SSH and alerts you when this user tries to use the "su" command on the server to get higher privileges. CSF is a good security solution for hosting servers and can be integrated into the user interface (UI) of WHM/cPanel, DirectAdmin, and Webmin.


You don't have to own any special kind of hardware to install Config server Firewall on your server all you'll have to do is own a CentOS 7 server and root privileges over it. You can switch between non root user to root user using sudo -i command.

Installing CSF and Dependencies

CSF is based on Perl so you'll have to install perl first. You'll also need wget package and a text editor to install CSF, here we are using nano text editor you can have any text editor of your choice.

yum -y install wget nano perl-libwww-perl.noarch perl-Time-HiRes

Next go to the "/usr/src/" directory and download CSF using wget command as shown in the below commands.

cd /usr/src/ wget

We have successfully downloaded the CSF archive file now you'll have to extract this archive file and then install it using following command:

tar -xzf csf.tgz cd csf sh

You should get a message stating " installation is completed " at the end of this process.

Now let's check that CSF really works on this server and to do so please go to the "/usr/local/csf/bin/" directory, and run "" using following commands:

cd /usr/local/csf/bin/ perl

You should see a result stating that "csf should function on this server" on your screen, this indicates that CSF is running without problems on your server.

Configure CSF

Before going through the configuration process of CSF you'll have to stop and disable the default firewalld services of CentOS 7 server and to do so run following command:

systemctl stop firewalld systemctl disable firewalld

Now we can configure the CSF on our server so go to the CSF configuration directory and edit configuration file using any text editor you want but here we are using nano text editor.

cd /etc/csf/ nano csf.conf

Find "TESTING " on line 11 and change it to TESTING = "0", save the file and exit from the text editor for applying the firewall configuration. Next, start CSF and LFD services using systemctl command as shown below.

systemctl start csf systemctl start lfd

Now enable these services to start at boot time using following commands.

systemctl enable csf systemctl enable lfd

You can check the list of default rules using csf -l command:

Basic CSF Commands

There are some basic CSF commands given and explained below:

csf -s <- Run this command to start and enable firewall rules. csf -f <- Run this command to stop or flush the firewall rules csf -r <-Run this command to reload the firewall rules csf -a yourIP <- Allow an IP and add it to csf.allow and you should see something similar to this in result.
Adding yourIP to csf.allow and iptables ACCEPT...
ACCEPT  all opt -- in !lo out *  yourIP  ->  
ACCEPT  all opt -- in * out !lo  -> yourIP

Use following command to remove and delete an IP from csf.allow and result should be similar to this.

csf -ar yourIP
Removing rule...
ACCEPT  all opt -- in !lo out *  yourIP  ->  
ACCEPT  all opt -- in * out !lo  -> yourIP

Use Following command to deny an IP and add to csf.deny.

csf -d yourIP
Adding yourIP to csf.deny and iptables DROP...
DROP  all opt -- in !lo out *  yourIP  ->  
LOGDROPOUT  all opt -- in * out !lo  -> yourIP

Use following command to remove and delete an IP from csf.deny. csf -dr yourIP

Removing rule...
DROP  all opt -- in !lo out *  yourIP  ->  
LOGDROPOUT  all opt -- in * out !lo  -> yourIP

Use following command to remove and Unblock all entries from csf.deny. csf -df

DROP  all opt -- in !lo out *  yourIP1  ->  
LOGDROPOUT  all opt -- in * out !lo  -> yourIP1  
DROP  all opt -- in !lo out *  yourIP2  ->  
LOGDROPOUT  all opt -- in * out !lo  -> yourIP2    
csf: all entries removed from csf.deny


In this tutorial we've learned how to install and configure CSF on a CentOS 7 server. It has many features and can support web-based management tools like cPanel / WHM, DirectAdmin and Webmin.

Want your very own server? Get our 1GB memory, Xeon V4, 20GB SSD VPS for £10.00 / month.

View Plans