How to Install CSF on WHM/cPanel in AlmaLinux: A Complete Guide
Posted inCoding Courses Linux

How to Install CSF on WHM/cPanel in AlmaLinux: A Complete Guide

No Comments

ConfigServer Security & Firewall (CSF) is a powerful and popular firewall application for servers running WHM/cPanel. It provides enhanced security, better control over traffic, and a user-friendly interface for managing server security. If you are using AlmaLinux 8 and want to secure your WHM/cPanel setup, CSF is an excellent choice. In this guide, we’ll walk you through the process of installing and configuring CSF on WHM/cPanel in AlmaLinux.

What is CSF (ConfigServer Security & Firewall)?

CSF is a stateful packet inspection (SPI) firewall, login/intrusion detection, and security tool for Linux servers. It’s highly compatible with WHM/cPanel and provides a GUI interface for easy management. CSF offers features like:

  • IP address whitelisting/blacklisting
  • Port monitoring
  • Email alerting for suspicious activities
  • Login failure detection
  • Integration with WHM/cPanel

Prerequisites

Before starting the installation, ensure the following:

  • Server Requirements:
    • A server running AlmaLinux 8.
    • WHM/cPanel already installed.
    • Root or sudo user access.
  • Open Ports:
    • Ensure the necessary ports for WHM/cPanel (e.g., 2087, 2083) are open.
  • System Updates:
    • Update your system packages:
sudo dnf update -y

Step 1: Install CSF on AlmaLinux

Follow these steps to install CSF:

  • Log in to Your Server: Use SSH to log in to your server as the root user or a sudo-enabled user.
ssh root@your-server-ip
  • Download CSF: Download the latest CSF package from the official ConfigServer website:
wget https://download.configserver.com/csf.tgz
  • Extract the Package: Extract the downloaded tarball:
tar -xzf csf.tgz
  • Install CSF: Navigate to the extracted directory and run the installation script:
cd csf
sudo sh install.sh

Step 2: Verify CSF Installation

After the installation, verify that CSF is working correctly:

  • Test if IPTables Modules are Installed: Run the following script to check for required IPTables modules:
sudo perl /usr/local/csf/bin/csftest.pl

If the output shows all required modules are installed, proceed to the next step. If not, install the missing modules or check your server’s configuration.

Step 3: Configure CSF

CSF comes with a default configuration, but you may need to customize it based on your requirements.

  • Edit the Configuration File:
sudo nano /etc/csf/csf.conf
  • Enable CSF: Set TESTING to 0 in the configuration file to enable CSF:
TESTING = "0"
  • Save and Restart CSF:
sudo csf -r

Step 4: Integrate CSF with WHM

  • Log in to WHM: Access your WHM interface at:
https://<your-server-ip>:2087
  • Navigate to CSF Interface: Go to Plugins > ConfigServer Security & Firewall.
  • Manage CSF Settings: Use the GUI to manage firewall rules, whitelist/blacklist IPs, and configure other settings.

Step 5: Open Necessary Ports

Ensure that ports required by WHM/cPanel and other services are open in the firewall configuration:

  • Edit the CSF Configuration File:
sudo nano /etc/csf/csf.conf
  • Add Required Ports: Update the following parameters with the necessary ports:
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995,2083,2087,3306"
TCP_OUT = "20,21,22,25,53,80,110,113,443,587,993,995,2083,2087,3306"
  • Restart CSF:
sudo csf -r

Step 6: Test CSF Configuration

  • Check CSF Status:
sudo csf -e
  • Block an IP Address (Example):
sudo csf -d <IP-address> "Blocked due to suspicious activity"
  • Allow an IP Address:
sudo csf -a <IP-address> "Trusted IP"

Benefits of Using CSF with WHM/cPanel

  • Enhanced Security: CSF provides robust protection against unauthorized access and attacks.
  • User-Friendly Interface: The WHM plugin makes managing firewall settings simple and intuitive.
  • Customizable Rules: Easily configure rules to meet specific requirements.
  • Real-Time Monitoring: CSF offers real-time tracking and alerting for suspicious activities.
  • DDoS Protection: Protects your server against Distributed Denial of Service attacks

Conclusion

Installing and configuring CSF on WHM/cPanel with AlmaLinux 8 is a straightforward process that significantly enhances your server’s security. By following this guide, you can ensure that your server is well-protected against potential threats. Regularly monitor your CSF settings and update them as needed to maintain optimal security.

If you have any issues or need further assistance, refer to the official CSF documentation or consult the WHM community forums.

Tags:

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *