Hello friends, in this article, I will tell you the CSF firewall commands, the ConfigServer Security & Firewall commands and what they do. For those who want to install CSF or have not yet done it, I explained how to install CSF in our previous article and they can do the installation process without any problems. These commands are very important for those who cannot log into the panel. Let's examine which command works line by line.
CSF Commands / ConfigServer Security & Firewall Commands
csf -l OR csf --status => Show configuration, status and settings
csf -l6 OR csf --status6 => shows ipv6 based configuration settings
csf -s OR csf --start => Initialize CSF
csf -f OR csf –stop => CSF stops. Be careful If you stop and start your firewall or start a defeat CSF will start again.
csf -r OR csf --restart => CSF restarts
csf -q OR csf --startq => CSF quick start
csf -sf OR csf --startf => CSF restarts regardless of any setting, obstacle or control
csf -a xxx.xxx.xxx.xxx OR csf --add xxx.xxx.xxx.xxx => Add IP address to trusted list, allow (/etc/csf.allow)
csf -ar xxx.xxx.xxx.xxx OR csf --addrm xxx.xxx.xxx.xxx => Removes IP address from trusted list (/etc/csf.allow)
csf -d xxx.xxx.xxx.xxx OR csf --deny xxx.xxx.xxx.xxx => Add or block IP address to ban list (/etc/csf.deny)
csf -dr xxx.xxx.xxx.xxx OR csf --denyrm xxx.xxx.xxx.xxx => Removes IP address from ban list (/etc/csf.deny)
csf -df OR csf --denyf => Removes all banned IP addresses from lsist, clears the collared IP list (/etc/csf.deny)
csf -g xxx.xxx.xxx.xxx OR csf --grep xxx.xxx.xxx.xxx => Checks if the IP address is in any list
csf -t OR csf --temp => Displays the current list of temporary IP entries and their TTL
csf -tr xxx.xxx.xxx.xxx OR csf --temprm xxx.xxx.xxx.xxx => Removes a temporarily banned IP address from the list
csf -td xxx.xxx.xxx.xxx ttl [-p port] [-d direction] OR csf –tempdeny xxx.xxx.xxx.xxx ttl [-p port] [-d direction] => Create a temporary IP ban list. Adds IP. How long will ttl be blocked (default: seconds, or you can use h / m / d). Optional block direction can be: in (in), out (out) or inout (in out) (default: in)
csf -ta xxx.xxx.xxx.xxx ttl [-p port] [-d direction] OR csf –tempallow xxx.xxx.xxx.xxx ttl [-p port] [-d direction] => IP to temporarily allowed IP list adds the address. ttl how long time will be allowed (default: seconds, or you can use h / m / d). Optional block direction can be either: in (in), out (out), or inout (in out) (default: in)
csf -tf OR csf --tempf => Clears all IPs from temporary IP list
csf -cp OR csf --cping => LFD matches all records in firewall
csf -cd xxx.xxx.xxx.xxx OR csf --cdeny xxx.xxx.xxx.xxx => Adds an IP address blocked by LFD to the CSF firewall blocked IP list (/etc/csf.deny)
csf -ca xxx.xxx.xxx.xxx OR csf --callow xxx.xxx.xxx.xxx => Adds an LFD-allowed IP address to the CSF firewall allowed IP list (/etc/csf.allow)
csf -cr xxx.xxx.xxx.xxx OR csf --crm xxx.xxx.xxx.xxx => Removes a blocked IP address from the list (/etc/csf.deny)
csf -cc [name] [value] OR csf --cconfig [name] [value] => Changing configuration option in a Set to [name] value [value]
csf -cf [file] OR csf --cfile [file] => Send [file] in a Cluster to / etc / Upload a config and IP list file into CSF (/ etc / csf /)
csf -crs OR csf --crestart => Restart cluster csf and lfd
csf -m [addr] OR csf –mail [addr] => Display Network Server checks HTML or email address [if available] [addr]
csf -lr OR csf --logrun => Starts login browser report via lfd
csf -c OR csf --check => Checks for CSF updates but does not update
csf -u OR csf --update => Checks for CSF updates and updates if available
csf -uf => Force update of CSF
csf -x OR csf --disable => Disable CSF and LFD firewalls
csf -e OR csf --enable => Attribute CSF and LFD firewalls
These are the CSF Commands, the ConfigServer Security & Firewall commands. By typing these commands over SSH, you can do whatever you want on the firewall. If you are stuck with a part or a command that does not work, you can get help from our live support line or by leaving a comment.