{"id":12526,"date":"2025-12-20T12:46:32","date_gmt":"2025-12-20T07:16:32","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=12526"},"modified":"2025-12-20T12:46:34","modified_gmt":"2025-12-20T07:16:34","slug":"install-csf-firewall-on-linux","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/install-csf-firewall-on-linux","title":{"rendered":"How to Install CSF Firewall on Linux Server &#8211; (Step by Step Guide 2026)"},"content":{"rendered":"\n<p>To install CSF <strong>(ConfigServer Security &amp; Firewall)<\/strong> on a Linux server, remove conflicting firewalls (firewalld\/ufw), install prerequisites, download csf.tgz, run install.sh, test with csftest.pl, open required ports in csf.conf, disable TESTING mode, and start CSF\/LFD. CSF adds iptables-based firewalling, login brute-force protection, connection limits, and alerting for production servers.<\/p>\n\n\n\n<p>In this guide, you\u2019ll learn how to install CSF Firewall on a Linux server, configure it safely, and apply best practices for hardening. We\u2019ll cover Ubuntu, Debian, AlmaLinux, Rocky, CentOS, and cPanel\/WHM environments, using beginner-friendly steps backed by real-world hosting experience.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-csf-firewall-and-lfd\"><strong>What is CSF Firewall and LFD?<\/strong><\/h2>\n\n\n\n<p><strong>ConfigServer Security &amp; Firewall (CSF)<\/strong> is an advanced, iptables-based firewall for Linux that simplifies port management, IP allow\/deny rules, connection limits, and brute-force protection. Its companion, Login Failure Daemon (LFD), monitors logs for suspicious activity (e.g., failed SSH logins) and automatically blocks offenders in real time.<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"2848\" height=\"1600\" src=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-54.png\" alt=\"What is CSF Firewall and LFD?\" class=\"wp-image-12687\" srcset=\"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-54.png 2848w, https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/image-54-150x84.png 150w\" sizes=\"auto, (max-width: 2848px) 100vw, 2848px\" \/><\/figure>\n\n\n\n<p>CSF is popular in web hosting because it balances security and usability, integrates with cPanel\/WHM, and provides rich features like country blocking, port flood protection, and email alerts without heavy resource overhead.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"before-you-start-compatibility-and-requirements\"><strong>Before You Start: Compatibility &amp; Requirements<\/strong><\/h2>\n\n\n\n<p>CSF supports most mainstream server distributions: Ubuntu, Debian, AlmaLinux, Rocky Linux, CloudLinux, and legacy CentOS. It relies on iptables; on newer distributions that default to nftables, ensure iptables-legacy compatibility is available.<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Root SSH access<\/li>\n\n\n\n<li>iptables and required kernel modules available<\/li>\n\n\n\n<li>Perl installed (default on most servers)<\/li>\n\n\n\n<li>No conflicting firewall managers (firewalld or UFW) running concurrently<\/li>\n<\/ul>\n\n\n\n<p>Tip: Keep an open <a href=\"https:\/\/www.youstable.com\/blog\/how-to-configure-ssh-backup-via-jetbackup-in-whm\/\">SSH session while configuring<\/a> CSF so you don\u2019t lock yourself out. Test access from a second terminal or IP before applying strict rules.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-1-remove-or-disable-conflicting-firewalls\"><strong>Step 1: Remove or Disable Conflicting Firewalls<\/strong><\/h2>\n\n\n\n<p>CSF directly manages iptables rules. Disable any other firewall front-ends (firewalld on RHEL-derived distros or UFW on Ubuntu) to avoid rule conflicts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"on-almalinux-rocky-centos\"><strong>On AlmaLinux\/Rocky\/CentOS<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo systemctl stop firewalld\nsudo systemctl <a href=\"https:\/\/www.youstable.com\/blog\/how-to-stop-and-disable-firewalld\/\">disable firewalld<\/a>\nsudo systemctl mask firewalld<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"on-ubuntu-debian\"><strong>On Ubuntu\/Debian<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo ufw disable\nsudo systemctl stop ufw\nsudo systemctl disable ufw<\/code><\/pre>\n\n\n\n<p>If your distro uses nftables by default, ensure iptables-legacy is available. On Debian\/Ubuntu, this can help when needed:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo update-alternatives --set iptables \/usr\/sbin\/iptables-legacy\nsudo update-alternatives --set ip6tables \/usr\/sbin\/ip6tables-legacy<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-2-install-dependencies\"><strong>Step 2: Install Dependencies<\/strong><\/h2>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"ubuntu-debian\"><strong>Ubuntu\/Debian<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo apt-get update\nsudo apt-get install -y wget curl perl libwww-perl iptables<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"almalinux-rocky-centos\"><strong>AlmaLinux\/Rocky\/CentOS<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo dnf install -y wget curl perl perl-libwww-perl iptables<\/code><\/pre>\n\n\n\n<p>Note: Package names may vary slightly by distro. If wget isn\u2019t available, use curl with -O to download files.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-3-download-and-install-csf\"><strong>Step 3: Download and Install CSF<\/strong><\/h2>\n\n\n\n<p>Use the official download from ConfigServer. The following steps work on most Linux distributions:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/usr\/src\nsudo wget https:\/\/download.configserver.com\/csf.tgz\nsudo tar -xzf csf.tgz\ncd csf\nsudo sh install.sh<\/code><\/pre>\n\n\n\n<p>After installation, verify that your system supports all needed iptables modules:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo perl \/usr\/local\/csf\/bin\/csftest.pl<\/code><\/pre>\n\n\n\n<p>If csftest.pl reports missing modules, you may be on a limited virtualization platform or a kernel without required netfilter modules. Check with your host or enable the necessary modules.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"step-4-initial-configuration-and-safe-enable\"><strong>Step 4: Initial Configuration and Safe Enable<\/strong><\/h2>\n\n\n\n<p>By default, CSF installs in TESTING mode to prevent accidental lockouts. Adjust your ports and disable testing before enabling the firewall.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"edit-csf-conf\"><strong>Edit csf.conf<\/strong><\/h3>\n\n\n\n<p>Open the main configuration file:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/csf\/csf.conf<\/code><\/pre>\n\n\n\n<p>Key settings to review:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>TESTING = &#8220;1&#8221; \u2192 Set to &#8220;0&#8221; when ready.<\/li>\n\n\n\n<li>TCP_IN, TCP_OUT \u2192 Open only required ports (e.g., 22, 80, 443).<\/li>\n\n\n\n<li>UDP_IN, UDP_OUT \u2192 Keep minimal; often DNS (53) if hosting DNS.<\/li>\n\n\n\n<li>RESTRICT_SYSLOG \u2192 Consider enabling on single-user servers.<\/li>\n\n\n\n<li>IGNOREIP \u2192 Whitelist your office\/home IPs.<\/li>\n<\/ul>\n\n\n\n<p>Example minimal web server ports:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>TCP_IN = \"22,80,443\"\nTCP_OUT = \"80,443,53\"\nUDP_IN = \"53\"\nUDP_OUT = \"53\"<\/code><\/pre>\n\n\n\n<p>Using cPanel\/WHM? Keep the cPanel-related ports open (see the FAQ for a common list).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"enable-csf-and-start-lfd\"><strong>Enable CSF and Start LFD<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># Turn off testing mode in \/etc\/csf\/csf.conf first\nsudo csf -r         # reload rules\nsudo csf -e         # enable CSF\nsudo systemctl enable lfd\nsudo systemctl start lfd\nsudo csf -l         # list current rules<\/code><\/pre>\n\n\n\n<p>Keep your original SSH session alive. Open a new terminal to confirm you can still log in before closing the first one.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"essential-csf-commands-cheat-sheet\"><strong>Essential CSF Commands (Cheat Sheet)<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>csf -e \/ csf -x \u2192 Enable\/disable the firewall<\/li>\n\n\n\n<li>csf -r \u2192 Reload rules after config changes<\/li>\n\n\n\n<li>csf -l \u2192 List current iptables rules<\/li>\n\n\n\n<li>csf -a IP \u2192 Allow\/whitelist an IP (and add to csf.allow)<\/li>\n\n\n\n<li>csf -d IP \u2192 Deny\/ban an IP (and add to csf.deny)<\/li>\n\n\n\n<li>csf -ta IP 3600 \u2192 Temporary allow for 1 hour<\/li>\n\n\n\n<li>csf -tr IP 3600 \u2192 Temporary deny for 1 hour<\/li>\n\n\n\n<li>csf -g IP \u2192 Search for an IP in rules<\/li>\n\n\n\n<li>csf -u \u2192 Check and apply CSF updates<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"harden-lfd-and-firewall-rules-quick-wins\"><strong>Harden LFD and Firewall Rules (Quick Wins)<\/strong><\/h2>\n\n\n\n<p>CSF\u2019s strength comes from LFD. Tuning a few parameters significantly improves security:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>LF_SSHD = &#8220;5&#8221; \u2192 Block after 5 failed SSH login attempts (default is safe).<\/li>\n\n\n\n<li>CT_LIMIT = &#8220;60&#8221; \u2192 Limit concurrent connections per IP to reduce abuse.<\/li>\n\n\n\n<li>SYNFLOOD = &#8220;1&#8221; \u2192 Enable SYN flood protection; tune rate and burst.<\/li>\n\n\n\n<li>PORTFLOOD = &#8220;22;tcp;5;300&#8221; \u2192 Rate-limit SSH connection bursts.<\/li>\n\n\n\n<li>SMTP_BLOCK = &#8220;1&#8221; on shared servers to prevent outbound spam from unauthorized services.<\/li>\n\n\n\n<li>CC_DENY = &#8220;CN,RU,&#8230;&#8221; \u2192 Block specific country ISO codes when justified (use sparingly).<\/li>\n<\/ul>\n\n\n\n<p>After edits, reload CSF:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo csf -r<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"cpanel-whm-integration\"><strong>cPanel\/WHM Integration<\/strong><\/h2>\n\n\n\n<p>On cPanel servers, CSF includes a WHM plugin for GUI management:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>WHM &gt; Plugins &gt; ConfigServer Security &amp; Firewall<\/li>\n\n\n\n<li>Edit csf.conf via the UI, manage allow\/deny lists, view LFD logs<\/li>\n\n\n\n<li>Open required cPanel ports (ensure 2083, 2087, 2086\/2082 as applicable)<\/li>\n<\/ul>\n\n\n\n<p>GUI access helps non-CLI users maintain robust firewall policies without deep iptables knowledge.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-common-issues\"><strong>Troubleshooting Common Issues<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Can\u2019t enable CSF (csftest.pl fails): Your kernel may lack iptables modules or virtualization restricts them. Contact your provider or switch to a compatible kernel\/plan.<\/li>\n\n\n\n<li>Locked out after enabling: Keep a backup SSH session, whitelist your IP with csf -a, and ensure your SSH port is in TCP_IN.<\/li>\n\n\n\n<li>Mail alerts too noisy: Tweak LF_EMAIL_ALERT and LF_TRIGGER. Consider increasing thresholds for known, safe services.<\/li>\n\n\n\n<li>DNS issues after enabling: Open port 53 (TCP\/UDP) if the server runs a resolver or authoritative DNS.<\/li>\n\n\n\n<li>Conflict with other firewalls: Ensure firewalld\/UFW are fully disabled. Reboot if legacy rules persist.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"uninstall-or-reinstall-csf\"><strong>Uninstall or Reinstall CSF<\/strong><\/h2>\n\n\n\n<p>If you need to remove CSF completely:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/etc\/csf\nsudo sh uninstall.sh<\/code><\/pre>\n\n\n\n<p>To reinstall, repeat the download and install steps. Always back up your configuration files first:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo cp \/etc\/csf\/csf.conf \/etc\/csf\/csf.conf.bak<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practices-for-production-servers\"><strong>Best Practices for Production Servers<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Principle of least privilege: Open only necessary ports. Close everything else.<\/li>\n\n\n\n<li>Whitelist your management IPs and use SSH keys with a non-default SSH port.<\/li>\n\n\n\n<li>Enable LFD features like connection tracking (CT_LIMIT) and PORTFLOOD on public services.<\/li>\n\n\n\n<li>Log review: Check \/var\/log\/lfd.log and system logs regularly. Pipe alerts to a monitored mailbox or SIEM.<\/li>\n\n\n\n<li>Version hygiene: Run csf -u monthly, and patch the OS routinely.<\/li>\n\n\n\n<li>Backups: Archive csf.conf, csf.allow, csf.deny before major changes.<\/li>\n<\/ul>\n\n\n\n<p>If you manage multiple servers or require 24\/7 response, a managed provider can monitor and tune CSF for you. At YouStable, our <a href=\"https:\/\/www.youstable.com\/blog\/managed-vs-unmanaged-dedicated-server-hosting\/\">managed VPS and dedicated servers<\/a> ship with CSF\/LFD best-practice profiles and ongoing rule tuning based on real attack telemetry.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-example-harden-a-basic-lemp-wordpress-host\"><strong>Real-World Example: Harden a Basic LEMP\/WordPress Host<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Open TCP_IN: 22,80,443 only; TCP_OUT: 80,443,53; UDP: 53 if using local DNS resolver.<\/li>\n\n\n\n<li>Set PORTFLOOD for 22 and 80\/443 to slow abusive bursts.<\/li>\n\n\n\n<li>Enable SYNFLOOD protection with conservative rate\/burst.<\/li>\n\n\n\n<li>Use CT_LIMIT to cap per-IP concurrent connections to nginx at a safe threshold.<\/li>\n\n\n\n<li>Whitelist your CI\/CD runner IPs for deployments.<\/li>\n\n\n\n<li>Monitor LFD emails for WordPress brute-force attempts and auto-block offending IPs.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-install-csf-firewall-on-linux-server\"><strong>FAQ&#8217;s: Install CSF Firewall on Linux Server<\/strong><\/h2>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-the-difference-between-csf-and-lfd\"><strong>What is the difference between CSF and LFD?<\/strong><\/h2>\n\n\n\n<p>CSF manages iptables rules (open\/close ports, allow\/deny IPs), while LFD analyzes logs to detect brute-force attempts, port scans, and suspicious activity. LFD then instructs CSF to block offenders automatically, adding proactive intrusion prevention to your firewall.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"does-csf-work-with-nftables\"><strong>Does CSF work with nftables?<\/strong><\/h2>\n\n\n\n<p>CSF is designed for iptables. On systems defaulting to nftables, install iptables-legacy compatibility and select it via update-alternatives. Without iptables compatibility, csftest.pl will fail and CSF won\u2019t function correctly.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"which-ports-should-i-open-for-cpanel-whm\"><strong>Which ports should I open for cPanel\/WHM?<\/strong><\/h2>\n\n\n\n<p>Commonly required ports include 20, 21, 22, 25, 53, 80, 110, 143, 443, 465, 587, 993, 995, 2082\u20132083, 2086\u20132087, 2089, 2095\u20132096, and 3306 (if remote MySQL is needed). Always tailor to your service set and security policy.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"how-do-i-allow-or-block-an-ip-quickly\"><strong>How do I allow or block an IP quickly?<\/strong><\/h2>\n\n\n\n<p>Use csf -a IP to whitelist and csf -d IP to block. For temporary rules, use csf -ta IP 3600 (allow for 1 hour) or csf -tr IP 3600 (deny for 1 hour). Reload if needed with csf -r.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"how-do-i-disable-testing-mode-safely\"><strong>How do I disable testing mode safely?<\/strong><\/h2>\n\n\n\n<p>Edit \/etc\/csf\/csf.conf, set TESTING = &#8220;0&#8221;, and run csf -r. Keep an existing SSH session open when applying changes and test a second login before closing your original session.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"can-csf-replace-fail2ban\"><strong>Can CSF replace Fail2Ban?<\/strong><\/h2>\n\n\n\n<p>Yes. LFD provides similar brute-force detection and blocking features as Fail2Ban, integrated directly with CSF. Running both isn\u2019t necessary and can complicate rules. Choose one stack; CSF+LFD is common on hosting servers.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"how-do-i-uninstall-csf-if-needed\"><strong>How do I uninstall CSF if needed?<\/strong><\/h2>\n\n\n\n<p>Run the uninstaller from the CSF directory: cd \/etc\/csf &amp;&amp; sudo sh uninstall.sh. This removes CSF\/LFD and restores your firewall state. Reboot if you plan to switch back to firewalld or UFW.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"conclusion\"><strong>Conclusion<\/strong><\/h2>\n\n\n\n<p>Installing CSF Firewall on a Linux server is one of the fastest, most effective ways to raise your security baseline. With a few careful configuration steps, you gain robust port control, automated intrusion prevention, and actionable alerts\u2014ideal for web, mail, and application hosts.<\/p>\n\n\n\n<p>If you\u2019d rather not manage firewall tuning yourself, YouStable\u2019s managed VPS and dedicated hosting include CSF\/LFD configuration, monitoring, and ongoing optimization tailored to your stack and traffic profile\u2014so you stay secure without the guesswork.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>To install CSF (ConfigServer Security &amp; Firewall) on a Linux server, remove conflicting firewalls (firewalld\/ufw), install prerequisites, download csf.tgz, run [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":15650,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350],"tags":[],"class_list":["post-12526","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/How-to-Install-CSF-Firewall-on-Linux-Server.jpg","author_info":{"display_name":"Prahlad Prajapati","author_link":"https:\/\/www.youstable.com\/blog\/author\/prahladblog"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12526","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=12526"}],"version-history":[{"count":3,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12526\/revisions"}],"predecessor-version":[{"id":15651,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12526\/revisions\/15651"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/15650"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=12526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=12526"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=12526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}