[How-to] CSF Support in Hestia CP

Community Support
122

what is the status of this, does the guide working with latest version?

thanks

123

@bubblecatcher For now you can use my steps and a mix of @indianets. Thanks!

124

*** as of today, HestiaTeam is not providing any supporting yet for CSF, due to strong reasons behind there…

But there are ways to have it working within hestia UI…

ref: How to install CSF on Hestiacp web ui [config firewall] | Guest Blog Posting

hestia-csf

Just run this below command as ROOT user from your linux terminal. (Tested with Hestia v1.7.3 * Ubuntu 20.x)

wget https://raw.githubusercontent.com/vvcares/hestia/master/hestia_csf_install.sh && bash hestia_csf_install.sh

The above command will do as below:

  1. Download the script from vvcares-github repo
  2. It will check if there is an existing CSF installation in ‘/etc/csf/’.
  3. If exists, it will proceed to Step#5
  4. If not exist, it will install fresh/new CSF firewall
  5. It will automatically add the hestiacp backend port into ‘CSF.CONF > TCP_IN’
  6. Create an additional folder called ‘csf folder’ inside ‘/usr/local/hestia/web/list/’
  7. Add the CSF link button into your ‘hestiacp panel > in main admin dashboard only’ & Exit.

It is important to note that CSF should not be your only line of defense for securing your server. You should also follow best practices for server security, such as keeping your server software up-to-date, using strong passwords, and limiting access to only necessary users and services.

3 Likes
125

Due to strong reasons behind there what?

I haven’t explored CSF since few years. Is there anything a user should be concerned about before trying CSF?

126

CSF has lot of unique settings can filter/blocking etc.,
commercial server, Im using this combo for few years.

If the team supports for CSF, there will be tons of questions will arise & have to spend time for troubleshooting for a 3rd party’s application.

3 Likes
127

Hello! Can you update the Blog link?

The Github link is also broken.

128

Hi, its working well.
I tried just now both to VVCARES.COM & GITHUB. Both are working well…

129

Oops. The Github link is ok. I copied the wrong link here.

The Blog does not have a broken link. It’s Cloudflare blocking access.

Captura de tela 2024-04-15 123419
Captura de tela 2024-04-15 123419786×777 30.5 KB

Your script is perfect!!! It worked here with Debian 11 and hesciaCP v1.8.11 :+1:

Do you disable fail2ban to use CSF :question:

130

Hi, In my preduction server, Im running about ~20 sites in my server.
I’m just using CSF+Fail2Ban together, running smoothly. But some says, F2B is not needed. Just CSF is enough. But Im not sure.