How Do You Manage ConfigServer Firewall (CSF)
We have already discussed about installing the ConfigServer firewall (CSF) in linux. The post you will be using most common commands and changes in the configuration file.
Allow port number in Firewall:
Below ports are opened by defaults,
For example if you want to set MySQL port 3306 should be opened give comma(,) add the port in TCP_IN and TCP_OUT.
How to block IP Address:
Deny an IP address and added to /etc/csf/csf.deny directory
How to unblock an IP address :
Unblock an IP address and removed from /etc/csf/csf.deny directory
How to allow an IP address permenatly:
Allow an IP address and added to /etc/csf/csf.allow
How to Deny or Allow countries:
Search the option CC_DENY or CC_ALLOW and added the country codes.
Each option is a comma separated list of CC's
How Ignore the LFD email alert at particular user.
Enter the user id to csf.uidignore file,
You can get a user id from /etc/passwd
How to set alert email report from server :
Do you get an alert report email from the server lfd will send the relevant alert template to configured email
Executables (exe) command lines (cmd) and usernames (user) that lfd process tracking will ignore open the csf pignore file and add the exe path, for example three executable files ignored.
If you curious more csf command ask help :