Here's a simple tutorial on installing and setting up CSF.
Instalation:
1. wget http://download.configserver.com/csf.tgz
2. tar -xzf csf.tgz
3. cd csf
4. sh install.sh
Basic Configuration:
1. settings can be seen here nano /etc/csf/csf.conf
2. to restart please use the command: csf -r
Blokir port:
1. open the nano settings page /etc/csf/csf.conf
2. look for the words TCP_IN, TCP_OUT etc...
TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
TCP_OUT = "20,21,22,25,53,80,110,113,443"
UDP_IN = "20,21,53"
UDP_OUT = "20,21,53,113,123"
from the writing above it can be interpreted that we only allow the port written above.
There are many other advantages such as:1. ICMP_IN yg berguna untuk on/off ping suatu ip address.
2. blokir ip address nano /etc/csf/csf.deny
3. allow ip address nano /etc/csf/csf.allow
4. ignore ip address nano /etc/csf/csf.ignore
5. limit loggin attempts (if exceeding the limit will be blocked ip)
6. block certain countries based on their ip address. use CC_DENY parameter
7. and many others