Top 20 CSF Commands With Live Examples

Hi,

In this article, we’ll walk you through 20 Basic CSF Firewall commands that will help you use ConfigServer Security Firewall (CSFmore efficiently in SSH also.

In this tutorial, we’ll first explain what the command does, and then we’ll use those basic commands with live examples.

Let’s dive right in!!

Note: You must have the SSH login with root access to run CSF Commands. Else, you can upgrade your current plan with a Dedicated Hosting plan.

CSF Commands

1.  Check Your CSF Version

csf -help

Use the above command to check your current CSF (ConfigServer Security Firewall) version.

2.  Enable CSF

csf -e

Use the above command to enable CSF.

3.  Disable CSF

csf -x

Use the above command to disable CSF.

4.  Allow an IP Address

csf -a 192.168.1.1

The above command will allow that specific IP to access the server.

5.  Temporary Deny/Block an IP Address

csf -td 192.168.1.1

The above command will deny that specific IP to access the server.

6.  To Restart CSF

csf -r

The above command will restart only the IPtables rules in CSF.

7.  To Restart CSF & LFD

csf -ra

The above command will restart the CSF rules as well as LFD services.

8.  To Restart LFD Services Only

systemctl restart lfd

Use the above command to restart LFD services.

9.  Permanently Block an IP Address

csf -d 192.168.1.1

The above command will permanently block that specific IP to access the server.

10.  Block an IP Address Temporary [For 24 Hours]

csf -td 192.168.1.1 86400

The above command will block that specific IP address to access the server for 24 hours (Hours defined in seconds).

11.  To Check the Block Reason of an IP

csf -g 192.168.1.1

You can check the blocked IP reason by following the above command.

12.  Unblock an IP Address

csf -dr 192.168.1.1

Use the above command to unblock an IP address to access the server.

13.  Whitelist an IP Address

csf -a 192.168.1.1

Use the above command to whitelist an IP address.

14.  Whitelist a Range of IPs

csf -a 192.168.1.1/24

This will whitelist IPs from 192.168.1.1 to 192.168.1.256. We used the CIDR method to block a range of IPs.

15.  Whitelist a Range of IPs Temporary [For 24 Hours]

csf -ta 192.168.1.1/24 86400

The above command will whitelist a range of IPs for 24 hours (Hours defined in Seconds).

16.  Flush all Temporary IP Blocks at Once

csf -tf

The above command will flush all the temporary blocks, and the IPs will again be able to access the server.

17.  Flush/Remove All Permanent IP Blocks

csf -df

Use the above command to flush all the permanent IP blocks.

18.  List All Temporary Allowed/Denied IPs

csf -t

The above command will display all the temporary allowed and denied IP addresses.

19.  CSF Services Commands

service csf stop
service csf start
service csf restart

Use the above commands to stop, start, and restart the CSF Services.

20.  CSF IPtables Commands

iptables start
iptables stop
iptables save
iptables restart

Use the above commands to Stop, Start, Save and Restart the IPtables.

Conclusion

I believe now you have a clear-cut knowledge about CSF commands, and you can easily use these CSF commands in your command line. Other than this, if you still do not understand something, feel free to hit the comment section, or simply visit Redserverhost.com and open a Free Support Ticket. Our experienced Technical Support Team will be happy to assist you.

Moreover, you can follow us on Facebook and Twitter for any further inquiries or suggestions. We always appreciate suggestions.