NOTE: Way to the Web Ltd. (the company behind ConfigServer) has announced it will close permanently on August 31, 2025. However, cPanel now provides CSF as described below.
cPanel will provide its own fork of CSF starting Feb 25th, 2026
Introduction
This guide's purpose is purely informational and is intended to help identify common commands provided by CSF.
Procedure
You can view all the CSF command line options by using either of the following commands.
# man csf
# csf -h
For ease of reference, here is a list of a few very useful CSF commands covering some of the most common tasks when managing CSF on your server.
| Command | Description | Example |
|---|---|---|
| csf -e | Enable CSF | root@server[~]#csf -e |
| csf -x | Disable CSF | root@server[~]#csf -x |
| csf -s | Start the firewall rules | root@server[~]#csf -s |
| csf -f |
Flush/Stop firewall rules (note: lfd may restart csf) |
root@server[~]#csf -f |
| csf -r | Restart the firewall rules | root@server[~]#csf -r |
| csf -a [IP] [Optional comment] |
Allow an IP and add to /etc/csf/csf.allow |
root@server[~]#csf -a 187.33.3.3 Home IP Address |
| csf -td [IP] [Optional comment] | Place an IP on the temporary deny list in /var/lib/csf/csf.tempban | root@server[~]#csf -td 55.55.55.55 Odd traffic patterns |
| csf -tr [IP] |
Remove an IP from the temporary IP ban or allow list. |
root@server[~]#csf -tr 66.192.23.1 |
| csf -tf |
Flush all IPs from the temporary IP entries |
root@server[~]#csf -tf |
| csf -d [IP] [Optional comment] | Deny an IP and add to /etc/csf/csf.deny | root@server[~]#csf -d 66.192.23.1 Blocked This Guy |
| csf -dr [IP] | Unblock an IP and remove from /etc/csf/csf.deny | root@server[~]#csf -dr 66.192.23.1 |
| csf -df | Remove and unblock all entries in /etc/csf/csf.deny | root@server[~]#csf -df |
| csf -g [IP] | Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number) | root@server[~]#csf -g 66.192.23.1 |
| csf -t | Displays the current list of temporary allow and deny IP entries with their TTL and comments | root@server[~]#csf -t |
Additional Resources
ConfigServer Security & Firewall (csf)
Comments
0 comments
Article is closed for comments.