discussion Guide Plesk Installing CSF on Plesk Panel: Linux Firewall Management Guide 2025

[CL4Y]

Installing CSF on Plesk Panel: Linux Firewall Management Guide 🛡️​

To maximize your server’s security, you can install and configure CSF (ConfigServer Security & Firewall), one of the most popular Linux firewall tools.
CSF integrates perfectly with Plesk Panel and helps protect your server against common network attacks such as UDP floods.
Here’s how to install and configure it step by step.

---

Installing CSF via Terminal​

Connect to your server via SSH and run the following commands one by one:

cd /usr/src/
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Once the installation is complete, you can start configuring the security settings by editing the csf.conf file.

---

Configuring UDP Flood Protection (csf.conf File)​

To edit the configuration file, use the nano text editor.
If nano is not installed on your system, you can install it with:

yum install nano

Now open the CSF configuration file:

cd /etc/csf/
nano csf.conf

Inside the file, find the section titled SECTION:Port Flood Settings.
You’ll see parameters similar to these:

UDPFLOOD = "0"
UDPFLOOD_LIMIT = "100/s"
UDPFLOOD_BURST = "800"

You can adjust the protection level as follows:

• Set UDPFLOOD to "1" to enable protection.
• Keep UDPFLOOD_LIMIT = "100/s" as it is (100 packets per second).
• UDPFLOOD_BURST = "800" determines how many UDP packets from a single IP are tolerated before blocking. This setting dynamically blocks IPs sending excessive UDP traffic.

An average value of 800 is usually ideal.
If your server is under heavy attack, you can lower it (e.g., 400).
Be cautious though — setting it too low might cause your own IP to be blocked.
If that happens, simply restart your modem or wait for your IP to change.

---

UDP Flood Configuration Table​

The table below summarizes the recommended settings for normal and attack conditions:

Setting	Description	During Attack	Normal Operation
UDPFLOOD	Enable or disable protection	1 (enabled)	1
UDPFLOOD_LIMIT	Packets allowed per second	lower (e.g. 50/s)	100/s
UDPFLOOD_BURST	Threshold before IP ban	lower (e.g. 400)	800

---

Essential CSF Commands​

After saving your changes, you can manage your firewall easily using the following CSF commands in SSH.

CSF Management Commands​

Unban Your Own IP (if you get locked out):

csf -df 192.168.1.1

1. Unblock a previously banned IP:

csf -dr IP_address

(Alternatively, remove it from /etc/csf.deny and restart CSF.)

2. Remove a temporarily banned IP:

csf -tr IP_address

3. Permanently block an IP address:

csf -d IP_address

4. Permanently whitelist an IP address:

csf -a IP_address

5. Restart the CSF firewall:

csf -r

6. Disable the CSF firewall completely:

csf -x

7. Re-enable the CSF firewall:

csf -e

8. Check CSF configuration syntax:

csf -c

9. View temporarily banned IPs:

csf -g IP_address

10. Check the CSF version:

csf -v

With these settings, you can optimize your CSF firewall and protect your Linux server against common attack vectors.
​

 

[CL4Y]

If a problem occurs, you can open a ticket.