How to Install CSF Firewall on AlmaLinux 8

install CSF firewall AlmaLinux

Find out how you can install CSF Firewall on AlmaLinux 8 to protect your VPS cloud server! CSF Firewall is a Stateful Packet Inspection (SPI) firewall, Login/Intrusion Detection and Security application that is very popular among Linux servers. Furthermore, it is absolutely free to us!

CSF Firewall vs firewalld

firewalld is pre-installed in most Linux distributions, such as the AlmaLinux 8. In addition to the basic filtering network packets, CSF Firewall includes other security features. For instance, its login intrusion and flood detections. Hence CSF is able to recognize many attacks, such as port scans, SYN floods, and login brute force attacks on many services. Therefore upon detecting suspicious activities, CSF will temporarily place the attacker on a block list. Last but not least, CSF Firewall is also very popular among cPanel, DirectAdmin and Webmin control panel users, for its UI integration, something the firewalld does not offer.

Summary

  • Create a Scalable VPS with AlmaLinux 8 
  • Connect to your VPS Cloud Server via SSH
  • Install CSF Firewall
  • Disable firewalld and any other iptables firewall
  • Start using CSF Firewall

Install CSF Firewall

  1. Begin first by installing the prerequisites using the following command:
    dnf install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch perl-GDGraph wget tar perl-Math-BigInt
  2. Next, execute the following commands to download, extract and install CSF Firewall:
    cd /usr/src
    
    wget https://download.configserver.com/csf.tgz
    
    tar -xzf csf.tgz
    
    cd csf
    
    sh install.sh
  3. Finally, you can now run this command to check if your cloud server has the required iptable modules:
    perl /usr/local/csf/bin/csftest.pl

    Now, you should expect to see the following output, confirming everything is well:

    Testing ip_tables/iptable_filter…OK
    Testing ipt_LOG…OK
    Testing ipt_multiport/xt_multiport…OK
    Testing ipt_REJECT…OK
    Testing ipt_state/xt_state…OK
    Testing ipt_limit/xt_limit…OK
    Testing ipt_recent…OK
    Testing xt_connlimit…OK
    Testing ipt_owner/xt_owner…OK
    Testing iptable_nat/ipt_REDIRECT…OK
    Testing iptable_nat/ipt_DNAT…OK

    RESULT: csf should function on this server

Disable firewalld and any other iptables firewall

  1. Run the following commands to disable firewalld
    systemctl stop firewalld
    
    systemctl disable firewalld
  2. Note that if you have already installed any other iptables firewall script, such as the APF, do remove or disable it too.

Start using CSF Firewall

  1. Let us being by running the following command to turn off testing mode:
    sed 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
  2. You can now restart CSF Firewall using the following command, and you’re done!
    csf -r

Conclusions

This article shows you how to install CSF Firewall on AlmaLinux 8, one of the basic and free ways to secure your cloud VPS server. In summary, by following these simple steps, you can enhance the protection of your VPS cloud server or dedicated server, for free! Finally, be sure to check out CSF Firewall’s readme file to learn how to use the firewall to protect yourself effectively.

Related Post