Config Server Security & Firewall provide basic and necessary security application for Linux servers.
Before getting started, make sure you firstly install CSF on your server following what’s described on our previous guide.
1. We can whitelist a specific IP so any connection from that IP will be allowed on CSF:
csf -a IP address
This will add IP address in /etc/csf/csf.allow. After white listing the IP address , do not forget to restart the firewall.
2. Remove an IP address from the temporary IP ban list:
csf -tr IP address
3. Remove a blocked IP address without adding into your whitelist:
csf -dr IP address
That will remove IP from CSF deny list.
4. Block an IP address:
csf -d IP address
This will add IP to CSF list of denied IP address (blocked)
5. This will show whether an IP is blocked by CSF service or not:
csf -g IP address
6. To disable csf and lfd:
csf -x
7. Enable csf and lfd:
csf -e
8. remove an IP from CSF allowlist:
csf -ar IP address
This will remove IP address from /etc/csf/csf.allow.
9. To restart firewall rules:
csf -r
10. To flush CSF firewall:
csf -f
Please leave comments for more opinions or tips regarding basic command we can use to secure a Linux server with CSF firewall.