CSF Firewall CLI Guides


This article provides useful information for managing CSF firewall CLI.

ConfigServer Security and Firewall provides a native command-line interface with the ability to manage nearly all aspects of CSF and LFD from a terminal session. The CLI is especially helpful when CSF is installed on servers without control panel integration, such as WHM/cPanel.

CSF Firewall CLI

Here is a list of available csf commands and their usage:


Command Description Example 
csf -h
 Prints CSF help guide 
ron@rwhsupport[~]# sudo csf -h
 
csf -l
 List/Show the IPv4 iptables configuration 
ron@rwhsupport[~]# sudo csf -l
 
csf -e
 Enables CSF 
ron@rwhsupport[~]# sudo csf -e
 
csf -x
 Disables CSF 
ron@rwhsupport[~]# sudo csf -x
 
csf -s
 Start the firewall rules 
ron@rwhsupport[~]# sudo csf -s
 
csf -f
 Flush/Stop firewall rules (note: lfd may restart csf) 
ron@rwhsupport[~]# sudo csf -f
 
csf -r
 Restart the firewall rules 
ron@rwhsupport[~]# sudo csf -r
 
csf -a [IP] [Optional comment]
 Allow an IP and add to /etc/csf/csf.allow 
ron@rwhsupport[~]# sudo csf -a 55.55.55.55 Home IP Address
 
csf -td [IP] [Optional comment]
 Place an IP on the temporary deny list in /var/lib/csf/csf.tempban 
ron@rwhsupport[~]# sudo csf -td 55.55.55.55 Odd traffic patterns
 
csf -tr [IP]
 Remove an IP from the temporary IP ban or allow list. 
ron@rwhsupport[~]# sudo csf -tr 55.55.55.55
 
csf -tf
 Flush all IPs from the temporary IP entries 
ron@rwhsupport[~]# sudo csf -tf
 
csf -d [IP] [Optional comment]
 Deny an IP and add to /etc/csf/csf.deny 
ron@rwhsupport[~]# sudo csf -d 55.55.55.55 Blocked this guy
 
csf -dr [IP]
 Unblock an IP and remove from /etc/csf/csf.deny 
ron@rwhsupport[~]# sudo csf -dr 55.55.55.55
 
csf -df
 Remove and unblock all entries in /etc/csf/csf.deny ron@rwhsupport[~]# sudo csf -df 
csf -g [IP]
 Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number) ron@rwhsupport[~]# sudo csf -g 55.55.55.55 
csf -t
 Displays the current list of temporary allow and deny IP entries with their TTL and comments 
ron@rwhsupport[~]# sudo csf -t

Conclusion

This was a non-exhaustive list of CSF firewall CLI commands.

  • csf, waf, security, firewall, command line, cli
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

Suppress CSF LFD Warnings for a Specific Process

This article provides a guide to suppress CSF LFD warnings for a specific process. CSF/LFD...

Install ConfigServer Firewall (CSF) in cPanel Server

This article provides a guide to install ConfigServer Firewall (CSF) in cPanel Server. This guide...

Clone CSF Firewall Configuration to New cPanel Server

This article will provide a guide to clone CSF Firewall configuration to new cPanel server....