How to Install CSF Firewall in WHM/cPanel (2026 Guide)

Maintaining a robust firewall is the first line of defense for any web server. While the original developers no longer provide active commercial support, ConfigServer Security & Firewall (CSF) remains a top-tier, open-source security tool for cPanel users globally. In this guide, we provide the updated installation steps for 2026 (post official shutdown) using our verified repository.

Prerequisites for CSF Installation

Before you begin, ensure your server meets the following requirements:

• Root Access: You must have SSH access to your server as the root user.

• Operating System: cPanel supported OS (AlmaLinux 8/9, Rocky Linux, or Ubuntu).

• Clean Environment: Remove conflicting firewall utilities like firewalld or APF.

Step-by-Step CSF Installation on cPanel in 2026-27

1. Remove Conflicting Firewalls

On modern OS versions like AlmaLinux or Rocky Linux, firewalld is often enabled by default. Since CSF manages its own iptables rules, you must remove it to prevent conflicts.

systemctl stop firewalld
systemctl disable firewalld
yum remove firewalld -y

2. Download and Extract the CSF Package

Navigate to the source directory and download the verified CSF bundle from the myglobalHOST secure mirror.

cd /usr/src
rm -fv csf.tgz
wget https://csf.myglobalhost.in/csf.tgz
tar -xzf csf.tgz
cd csf

3. Run the Installation Script

Execute the dedicated cPanel installation script. This script automatically detects your WHM environment and installs the necessary plugins.

sh install.cpanel.sh

4. Verify the Installation

Once the script finishes, verify that the required iptables kernel modules are available on your server:

perl /usr/local/csf/bin/csftest.pl

You should see a message stating that CSF should function correctly on your server.

Finalizing Setup in WHM

After the terminal installation, you must complete the setup within the WHM interface:

1. Log in to WHM as root.

2. Navigate to Home » Plugins » ConfigServer Security & Firewall.

3. Click on Firewall Configuration.

4. Disable Testing Mode: Find the TESTING flag. Change the value from ON (1) to OFF (0).

5. Scroll to the bottom and click Change.

6. Click Restart csf+lfd.

Note: CSF starts in “Testing Mode” to prevent you from accidentally locking yourself out of your server. Only disable it once you have confirmed your SSH port is whitelisted.

FAQs: Installing CSF in 2026-27

Q1: Is CSF still safe to use after the 2025 shutdown? A1: Yes. CSF was released under the GPLv3 license. As long as you use the verified open-source version, it remains one of the most effective firewall managers for Linux servers.

Q2: Can I install CSF on Ubuntu cPanel servers? A2: Absolutely. The installation steps are nearly identical, though you would use apt-get for dependencies instead of yum.

Q3: What happens to CSF auto-updates? A3: Since the original update servers are offline, you should set AUTO_UPDATES = 0 in your csf.conf to avoid connection errors.

Q4: Will CSF affect my website performance? A4: No. CSF is a lightweight front-end for iptables. It consumes very few system resources while providing massive security benefits.

Q5: How do I access the CSF interface? A5: Once installed, it appears under the Plugins section in your WHM left-hand menu.

Q6: Can I use CSF alongside Imunify360? A6: Imunify360 usually includes its own firewall management. If you use Imunify360, it is generally recommended to use their integrated solution rather than a standalone CSF install.

Q7: How do I whitelist my IP address? A7: You can use the command csf -a [your_ip] in SSH or add it via the “Quick Allow” box in the WHM CSF plugin.

Q8: What is LFD? A8: LFD stands for Login Failure Daemon. It works with CSF to monitor logs for failed login attempts and automatically blocks brute-force attackers.

Q9: Does CSF support IPv6? A9: Yes, CSF fully supports IPv6 filtering. Ensure IPV6 = 1 is set in your configuration file.

Q10: How do I uninstall CSF? A10: Navigate to /etc/csf and run sh uninstall.sh.

How to Configure CSF?

Next Step: Now that your firewall is installed, you need to optimize it for your specific needs. Check out our next article: “How to Configure CSF in WHM/cPanel?“ for the best security settings.