In this article, we’ll walk you through 20 Basic CSF Firewall commands that will help you use ConfigServer Security Firewall (CSF) more efficiently in SSH also.
In this tutorial, we’ll first explain what the command does, and then we’ll use those basic commands with live examples.
Let’s dive right in!!
Note: You must have the SSH login with root access to run CSF Commands. Else, you can upgrade your current plan with a Dedicated Hosting plan.
1. Check Your CSF Version
Use the above command to check your current CSF (ConfigServer Security Firewall) version.
2. Enable CSF
Use the above command to enable CSF.
3. Disable CSF
Use the above command to disable CSF.
4. Allow an IP Address
csf -a 192.168.1.1
The above command will allow that specific IP to access the server.
5. Temporary Deny/Block an IP Address
csf -td 192.168.1.1
The above command will deny that specific IP to access the server.
6. To Restart CSF
The above command will restart only the IPtables rules in CSF.
7. To Restart CSF & LFD
The above command will restart the CSF rules as well as LFD services.
8. To Restart LFD Services Only
systemctl restart lfd
Use the above command to restart LFD services.
9. Permanently Block an IP Address
csf -d 192.168.1.1
The above command will permanently block that specific IP to access the server.
10. Block an IP Address Temporary [For 24 Hours]
csf -td 192.168.1.1 86400
The above command will block that specific IP address to access the server for 24 hours (Hours defined in seconds).
11. To Check the Block Reason of an IP
csf -g 192.168.1.1
You can check the blocked IP reason by following the above command.
12. Unblock an IP Address
csf -dr 192.168.1.1
Use the above command to unblock an IP address to access the server.
13. Whitelist an IP Address
csf -a 192.168.1.1
Use the above command to whitelist an IP address.
14. Whitelist a Range of IPs
csf -a 192.168.1.1/24
This will whitelist IPs from 192.168.1.1 to 192.168.1.256. We used the CIDR method to block a range of IPs.
15. Whitelist a Range of IPs Temporary [For 24 Hours]
csf -ta 192.168.1.1/24 86400
The above command will whitelist a range of IPs for 24 hours (Hours defined in Seconds).
16. Flush all Temporary IP Blocks at Once
The above command will flush all the temporary blocks, and the IPs will again be able to access the server.
17. Flush/Remove All Permanent IP Blocks
Use the above command to flush all the permanent IP blocks.
18. List All Temporary Allowed/Denied IPs
The above command will display all the temporary allowed and denied IP addresses.
19. CSF Services Commands
service csf stop
service csf start
service csf restart
Use the above commands to stop, start, and restart the CSF Services.
20. CSF IPtables Commands
Use the above commands to Stop, Start, Save and Restart the IPtables.
I believe now you have a clear-cut knowledge about CSF commands, and you can easily use these CSF commands in your command line. Other than this, if you still do not understand something, feel free to hit the comment section, or simply visit Redserverhost.com and open a Free Support Ticket. Our experienced Technical Support Team will be happy to assist you.
Moreover, you can follow us on Facebook and Twitter for any further inquiries or suggestions. We always appreciate suggestions.