Close Topic Options

CSF Firewall Configuration

CSF Firewall

What are your thoughts about CSF Firewall as good protection for your server?

Configuration Firewall CSF

Its a very good one with a lot of options. Use it in conjunction with other things, don't trust in just that alone because it will cure some problems but not all. Also, the down side is sometimes it blocks your own scripts on the server so ensure you allow and deny certain IPs.

CSF Firewall Configuration Gaming Video & Issues Computer

I have a question... Do you guys think that PT_USERKILL should be 1 or is their a risk that it might inadvertently shut down my server or a script?

Configuration Firewall CSF

I have PT_USERKILL set to 1 and had no problems. When someone uses more resources than you have specified it just kills the PID or that user not the whole script.

Configuration Firewall CSF

Sometimes CSf may get over zealous (Or just doing its job) and block attempts to Cpanel or FTP. To allow certain IPs make sure to:

1. Login to [Yourdomain.com]/WHM/
2. Scroll down to the section for plugins on the left and click: "ConfigServer Security& Firewall"
3. On the right of the page look for the field with this text: "Allow IP address [..........] through the firewall and add to the allow file (Csf.allow)."
4. Put in the IP address there and click the "Quick Allow" Button.

CSF Firewall Configuration

For constant Emails about "Excessive resource usage:" for a specific program go into: /etc/csf/csf.pignore on the server and add in the executable that you want it to ignore. For instance:

Then restart CSF.

The other way is to ignore this resource Email altogether via "PT_USERMEM=0" in the CSF configuration or the time involved by increasing PT_USERTIME but that is not recommended.