CSF Firewall CLI Guides


This article provides useful information for managing CSF firewall CLI.

ConfigServer Security and Firewall provides a native command-line interface with the ability to manage nearly all aspects of CSF and LFD from a terminal session. The CLI is especially helpful when CSF is installed on servers without control panel integration, such as WHM/cPanel.

CSF Firewall CLI

Here is a list of available csf commands and their usage:


Command Description Example
csf -h
Prints CSF help guide
ron@rwhsupport[~]# sudo csf -h
csf -l
List/Show the IPv4 iptables configuration
ron@rwhsupport[~]# sudo csf -l
csf -e
Enables CSF
ron@rwhsupport[~]# sudo csf -e
csf -x
Disables CSF
ron@rwhsupport[~]# sudo csf -x
csf -s
Start the firewall rules
ron@rwhsupport[~]# sudo csf -s
csf -f
Flush/Stop firewall rules (note: lfd may restart csf)
ron@rwhsupport[~]# sudo csf -f
csf -r
Restart the firewall rules
ron@rwhsupport[~]# sudo csf -r
csf -a [IP] [Optional comment]
Allow an IP and add to /etc/csf/csf.allow
ron@rwhsupport[~]# sudo csf -a 55.55.55.55 Home IP Address
csf -td [IP] [Optional comment]
Place an IP on the temporary deny list in /var/lib/csf/csf.tempban
ron@rwhsupport[~]# sudo csf -td 55.55.55.55 Odd traffic patterns
csf -tr [IP]
Remove an IP from the temporary IP ban or allow list.
ron@rwhsupport[~]# sudo csf -tr 55.55.55.55
csf -tf
Flush all IPs from the temporary IP entries
ron@rwhsupport[~]# sudo csf -tf
csf -d [IP] [Optional comment]
Deny an IP and add to /etc/csf/csf.deny
ron@rwhsupport[~]# sudo csf -d 55.55.55.55 Blocked this guy
csf -dr [IP]
Unblock an IP and remove from /etc/csf/csf.deny
ron@rwhsupport[~]# sudo csf -dr 55.55.55.55
csf -df
Remove and unblock all entries in /etc/csf/csf.deny ron@rwhsupport[~]# sudo csf -df
csf -g [IP]
Search the iptables and ip6tables rules for a match (e.g. IP, CIDR, Port Number) ron@rwhsupport[~]# sudo csf -g 55.55.55.55
csf -t
Displays the current list of temporary allow and deny IP entries with their TTL and comments
ron@rwhsupport[~]# sudo csf -t

Conclusion

This was a non-exhaustive list of CSF firewall CLI commands.

  • csf, waf, security, firewall, command line, cli
  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

Suppress CSF LFD Warnings for a Specific Process

This article provides a guide to suppress CSF LFD warnings for a specific process. CSF/LFD...

Install ConfigServer Firewall (CSF) in cPanel Server

This article provides a guide to install ConfigServer Firewall (CSF) in cPanel Server. This guide...

Clone CSF Firewall Configuration to New cPanel Server

This article will provide a guide to clone CSF Firewall configuration to new cPanel server....

How to Block Specific Countries Using CSF Firewall

This article provides a guide for how to block countries using CSF Firewall. How to Block...