Install CSF and LDF with WHM Interface

Steps on how to download and install CSF and LDF with the WHM interface. Also, the last command will remove APF and BFD, which are the same type of application, so there are no conflicts over the iptables they control.

Install Code


cd /tmp
rm -fv csf.tgz
wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh
sh /etc/csf/remove_apf_bfd.sh

Post Install Steps

  • After a successful install, open WHM and proceed to the Plugins -> ConfigServer Security & Firewall page
  • Click Configure Firewall and set the value of TESTING to 0
  • On VPS packages, also set MONOLITHIC_KERNEL to 1
  • Scroll down and press Change
  • Click Restart csf+ldf
  • Back on the main ConfigServer Security & Firewall page, the Quick Allow option can be used to add an IP to the Allow table to prevent being blocked in the event of inadvertent login failures from a trusted IP address.

Troubleshooting

Error

iptables LKM ip_tables missing so this firewall cannot function unless you enable MONOLITHIC_KERNEL in /etc/csf/csf.conf AND/OR you receive emails from the server saying lfd failed....A restart was attempted automagically

Solution

  • In WHM, go to ConfigServer Security & Firewall and then click the Configure Firewall button. Scroll down to MONOLITHIC_KERNEL and set the value to 1 to enable it. Then press the Change button, followed by the Restart csf+ldf button on the next page.
  • OR connect via SSH and edit /etc/csf/csf.conf Then, change from MONOLITHIC_KERNEL = 0 to MONOLITHIC_KERNEL = 1 and save the file and restart the server with

    csf -r

Other Notes

  • The Check Server Security can be used as a base level tool to grade and recommend security items on the web server
  • To uninstall CSF use

    sh /etc/csf/uninstall.sh

For reservations, call office(800) 890-1702. Send fan mail to our work location at 101 N Main Street, Third Floor, Greenville, SC 29601 USA 34.850823 -82.398746
Lovingly crafted by orangecoat with some rights reserved, and a promise not to spam you.

Back to top