csf logo ConfigServer Security & Firewall - csf v6.47
Firewall Status: Enabled and Running

Server Information
Perform a basic security, stability and settings check on the server
View the csf+lfd readme.txt file
Watch (tail) various system log files (listed in csf.syslogs)
Search (grep) various system log files (listed in csf.syslogs)
View the last 100 iptables log lines
View lfd blocking statistics
View basic system statistics

You are running the latest version of csf. An Upgrade button will appear here if a new version becomes available

csf - ConfigServer Firewall
Edit the configuration file for the csf firewall and lfd
Apply pre-configured csf.conf profiles and backup/restore csf.conf
Display the active iptables rules
Allow IP address through the firewall and add to the allow file (csf.allow).
Comment for Allow:
Block IP address in the firewall and add to the deny file (csf.deny).
Comment for Block:
Ignore IP address in lfd, add to the ignore file (csf.ignore) and restart lfd
Remove IP address from the firewall (temp and perm blocks)
Edit csf.allow, the IP address allow file
Edit csf.deny, the IP address deny file (Currently: 29 permanent IP bans)
Enables csf and lfd if previously Disabled
Completely disables csf and lfd
Restart the csf iptables firewall
Have lfd restart the csf iptables firewall
Temporarily IP address for .
View/Remove the temporary IP entries (Currently: 0 temp IP bans, 0 temp IP allows)
Search iptables for IP address
Deny access to and from specific IP addresses configured on the server (csf.sips)
Removes and unblocks all entries in csf.deny (excluding those marked "do not delete") and all temporary IP entries (blocks and allows)
Redirect connections to this server to other ports/IP addresses

lfd - Login Failure Daemon
Display lfd status
Restart lfd
Edit lfd ignore file
Edit the Directory File Watching file (csf.dirwatch) - all listed files and directories will be watched for changes by lfd
Edit the Dynamic DNS file (csf.dyndns) - all listed domains will be resolved and allowed through the firewall
Edit email alert templates. See Firewall Information for details of each file
Edit the Log Scanner file (csf.logfiles) - Scan listed log files for log lines and periodically send a report
Edit the Blocklists configuration file (csf.blocklists)
Edit the syslog/rsyslog allowed users file (csf.syslogusers)

cPanel Resellers
Privileges can be assigned to cPanel Reseller accounts by editing this file (csf.resellers)

Check that iptables has the required modules to run csf

While we are happy to provide these scripts for free, we are a very small company. If you do decide to use them, we'd be eternally grateful for any donation so that we can continue to develop and provide them
Amount in $USD:

(You are free to cancel at any time)
csf: v6.47

2006-2014, ConfigServer Services (Way to the Web Limited)