How to Install Config Server Firewall (CSF) on Debian 11

ConfigServer Security & Firewall (CSF) is a popular firewall and security tool for Linux systems. A Stateful Packet Inspection (SPI) firewall uses iptables to filter traffic on your system. Here are the steps to install CSF on Debian 11:

Step 1. Before installing the ConfigServer Security & Firewall (CSF) software, ensure your system has all the latest updates.

[root@my ~]# apt update && apt upgrade

Step 2. Install ConfigServer Security & Firewall (CSF) required dependencies by running the following command:

[root@my ~]# apt-get install sendmail dnsutils unzip libwww-perl libio-socket-ssl-perl libcrypt-ssleay-perl git perl iptables libnet-libidn-perl libio-socket-inet6-perl libsocket6-perl -y 

Step 3. Download the latest version of CSF from the official website:

[root@my ~]# wget

Step 4. Extract the downloaded file:

[root@my ~]# tar -xzf csf.tgz

Step 5. Change to the CSF directory:

[root@my ~]# cd csf

Step 6. Install CSF by running the installation script:

[root@my ~]# sudo ./

Now you will receive the output “Installation Completed”, which indicates the successful installation.

Step 7. To check if everything works fine and if all the iptables modules are loaded, you can run the following command.

[root@my ~] perl /usr/local/csf/bin/

Now you will receive the output Below.

[root@my ~]# Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...OK
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf should function on this server

Note: Make sure that you have sudo privileges or are logged in as the root user to perform these commands. Also, it’s important to test your firewall rules to ensure that they are working as expected.

Leave a Comment

− 5 = 5