ConfigServer Security & Firewall (CSF) is a Stateful Packet Inspection (SPI) firewall and Login/Intrusion Detection and Security application for Linux servers which started back in 2005. CSF works as a front-end to iptables or nftables, configuring your server’s firewall rules to lock down public access to services while allowing only approved connections.
This provides better security for your server while giving you an advanced, easy-to-use interface for managing firewall settings. With CSF in place, you can safely permit activities such as logging in via FTP or SSH, checking email, and loading websites, while unauthorized access attempts are blocked.
This is free and open source software.
Features include:
- Firewall & Network Security
- Easy-to-use SPI firewall powered by iptables/nftables.
- Pre-configured for cPanel and DirectAdmin (standard ports open by default).
- Auto-detects non-standard SSH ports during installation.
- Works with multiple network interfaces.
- Supports IPv6 via ip6tables.
- Block traffic on unused server IPs to reduce attack surface.
- Country-based access control (allow/deny by ISO Country Code).
- Protection against:
- SYN floods.
- Ping of Death.
- Port scans.
- Connection flooding (per IP/per port detection).
- Permanent or temporary IP blocking (with TTL support).
- Integration with blocklists like DShield and Spamhaus DROP.
- BOGON packet protection.
- Login & User Monitoring:
- Login Failure Daemon (LFD): detects repeated login failures (brute force protection).
- Monitors authentication for:
- SSH (OpenSSH).
- FTP (Pure-ftpd, vsftpd, Proftpd).
- Mail (Courier IMAP, Dovecot, Kerio, Exim SMTP AUTH, POP3/IMAP).
- Web (cPanel/WHM, Webmail, htpasswd-protected pages).
- ModSecurity (v1 & v2).
- Suhosin.
- Custom services via regex and log file matching.
- POP3/IMAP login tracking (limit logins per hour).
- Distributed attack detection (across multiple servers).
- LFD clustering – share blocks/whitelists across a server group.
- Temporary IP allows (with TTL).
- Alerts & Notifications:
- SSH and su login notifications.
- Root access notifications (WHM).
- Alerts for:
- High server load average.
- Excessive email sending per hour (spamming detection).
- Suspicious processes running.
- Abnormal file activity in /tmp and similar directories.
- Excessive user processes or resource usage.
- Account changes (password updates, shell changes, etc.).
- Intrusion Detection & Exploit Protection:
- Intrusion Detection System (IDS) – monitors system/application binaries.
- Suspicious process and file reporting.
- Exploit checks.
- Directory and file integrity monitoring.
- ModSecurity log reporting.
- Messenger Service – optionally redirect blocked users to a custom page explaining why access is denied.
- Management & Control:
- Integrated UI for major control panels:
- cPanel, DirectAdmin, InterWorx, CWP, VestaCP, CyberPanel, Webmin.
- cPanel reseller access (per-reseller firewall controls: Allow, Deny, Unblock, Search).
- Integrated with CloudFlare Firewall.
- Upgrade firewall directly from control panel or shell.
- Quick start mode for servers with large allow/deny lists.
- Easy Dynamic DNS support (auto-allow your changing home IP).
- System statistics & graphs (CPU, load, memory, etc.).
- ipset support for handling large IP lists efficiently.
- Integrated support for cse within the UI.
- Integrated UI for major control panels:
Website: github.com/aetherinox/csf-firewall
Support:
Developer: Aetherinox
License: GNU General Public License v3.0
CSF is written in Perl. Learn Perl with our recommended free books and free tutorials.
Return to SSH Intrusion Prevention
| Popular series | |
|---|---|
 | The largest compilation of the best free and open source software in the universe. Each article is supplied with a legendary ratings chart helping you to make informed decisions. |
 | Hundreds of in-depth reviews offering our unbiased and expert opinion on software. We offer helpful and impartial information. |
 | The Big List of Active Linux Distros is a large compilation of actively developed Linux distributions. |
 | Replace proprietary software with open source alternatives: Google, Microsoft, Apple, Adobe, IBM, Autodesk, Oracle, Atlassian, Corel, Cisco, Intuit, SAS, Progress, Salesforce, and Citrix |
 | Awesome Free Linux Games Tools showcases a series of tools that making gaming on Linux a more pleasurable experience. This is a new series. |
 | Machine Learning explores practical applications of machine learning and deep learning from a Linux perspective. We've written reviews of more than 40 self-hosted apps. All are free and open source. |
 | New to Linux? Read our Linux for Starters series. We start right at the basics and teach you everything you need to know to get started with Linux. |
 | Alternatives to popular CLI tools showcases essential tools that are modern replacements for core Linux utilities. |
 | Essential Linux system tools focuses on small, indispensable utilities, useful for system administrators as well as regular users. |
 | Linux utilities to maximise your productivity. Small, indispensable tools, useful for anyone running a Linux machine. |
 | Surveys popular streaming services from a Linux perspective: Amazon Music Unlimited, Myuzi, Spotify, Deezer, Tidal. |
 | Saving Money with Linux looks at how you can reduce your energy bills running Linux. |
 | Home computers became commonplace in the 1980s. Emulate home computers including the Commodore 64, Amiga, Atari ST, ZX81, Amstrad CPC, and ZX Spectrum. |
 | Now and Then examines how promising open source software fared over the years. It can be a bumpy ride. |
 | Linux at Home looks at a range of home activities where Linux can play its part, making the most of our time at home, keeping active and engaged. |
 | Linux Candy reveals the lighter side of Linux. Have some fun and escape from the daily drudgery. |
 | Getting Started with Docker helps you master Docker, a set of platform as a service products that delivers software in packages called containers. |
 | Best Free Android Apps. We showcase free Android apps that are definitely worth downloading. There's a strict eligibility criteria for inclusion in this series. |
 | These best free books accelerate your learning of every programming language. Learn a new language today! |
 | These free tutorials offer the perfect tonic to our free programming books series. |
 | Linux Around The World showcases usergroups that are relevant to Linux enthusiasts. Great ways to meet up with fellow enthusiasts. |
 | Stars and Stripes is an occasional series looking at the impact of Linux in the USA. |