Install ConfigServer Security & Firewall (CSF)

Step 1 – Install packages

$ sudo yum install perl-GDGraph perl-libwww-perl -y
$ sudo yum install perl-libwww-perl net-tools perl-LWP-Protocol-https -y
$ sudo yum install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch -y 
$ sudo yum install perl-IO-Socket-SSL.noarch perl-Net-SSLeay perl-Net-LibIDN perl-IO-Socket-INET6 perl-Socket6 -y

Step 2 – Install CSF

$ wget https://download.configserver.com/csf.tgz
$ tar -zxvf csf.tgz
$ cd csf
$ sudo ./install.sh

Step 3 – Config CSF

$ sudo vi /etc/csf/csf.conf

[...]

TESTING = "0"

[...]
# 0 = Allow those options listed above to be used and configured
# 1 = Disable all the options listed above and prevent them from being used
# 2 = Disable only alerts about this feature and do nothing else
# 3 = Restrict syslog/rsyslog access to RESTRICT_SYSLOG_GROUP **  RECOMMENDED **
RESTRICT_SYSLOG = "3"
[...]

# Allow incoming TCP ports
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"

# Allow outgoing TCP ports
TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995"

# Allow incoming UDP ports
UDP_IN = "20,21,53"

# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list 
UDP_OUT = "20,21,53,113,123,33434:33523"

[...]

ST_ENABLE = "1"
ST_IPTABLES = "100"
ST_SYSTEM = "1"
ST_SYSTEM_MAXDAYS = "30"
ST_APACHE = "1"
ST_DISKW = "1"
ST_DISKW_FREQ = "1"

[...]

UI = "1"
UI_IP = ""
UI_USER = "ngadimin"
UI_PASS = "[email protected]*234#"
UI_ALLOW = "1"
UI_BLOCK = "1"

[...]


$ sudo vi /etc/csf/ui/ui.allow
103.xxx.xxx.xxx	# gateway / ip public client remote

Step 4 – Restart CSF

$ sudo systemctl enable csf
$ sudo systemctl enable lfd

$ sudo systemctl restart csf
$ sudo systemctl restart lfd

Step 5 – CSF usage

To see list of rules.
$ sudo csl -l

To restart CSF.
$ sudo csf -r

Add Block IP
$ sudo csf -d <IP>

Deny removal
$ sudo csf -dr <IP>

Add Allow IP
$ sudo csf -a <IP>

Allow removal 
$ sudo csf -ar <IP>