{"id":12724,"date":"2025-12-16T11:33:21","date_gmt":"2025-12-16T06:03:21","guid":{"rendered":"https:\/\/www.youstable.com\/blog\/?p=12724"},"modified":"2025-12-16T11:33:24","modified_gmt":"2025-12-16T06:03:24","slug":"what-is-csf-firewall-on-linux-server","status":"publish","type":"post","link":"https:\/\/www.youstable.com\/blog\/what-is-csf-firewall-on-linux-server","title":{"rendered":"What is CSF Firewall on Linux Server? &#8211; (Install &amp; Configure in 2026)"},"content":{"rendered":"\n<p>CSF firewall <strong>(ConfigServer Security &amp; Firewall)<\/strong> is a robust, iptables\/nftables based security suite for Linux servers. It combines a stateful firewall with login\/brute force detection <strong>(via the LFD daemon)<\/strong>, rate limiting, port flood control, and easy allow\/deny lists.<\/p>\n\n\n\n<p>CSF simplifies server hardening, integrates with popular control panels, and helps block malicious traffic before it reaches applications.<\/p>\n\n\n\n<p>In this guide, you\u2019ll understand how the CSF firewall works on a Linux server, how to install and configure it, must\u2011know commands, best practices, and practical examples from real hosting environments. <\/p>\n\n\n\n<p>Whether you run a VPS or a dedicated machine, CSF offers a beginner friendly path to better security.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"what-is-csf-configserver-security-and-firewall\"><strong>What is CSF (ConfigServer Security &amp; Firewall)?<\/strong><\/h2>\n\n\n\n<p><strong>CSF is a comprehensive firewall<\/strong> and intrusion prevention system for Linux. Under the hood, it manages iptables (legacy) or nftables rules and pairs them with the Login Failure Daemon (LFD), which watches system logs for suspicious behavior.<\/p>\n\n\n\n<p>When LFD detects brute force attempts or floods, it can automatically block offending IPs temporarily or permanently.<\/p>\n\n\n\n<p><strong>Key highlights:-<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Easy rule management using allow\/deny lists, connection limits, and port flood protection.<\/li>\n\n\n\n<li>Log-driven detection via LFD for SSH, mail, FTP, cPanel\/DirectAdmin, and more.<\/li>\n\n\n\n<li>Works with cPanel, DirectAdmin, Webmin, and standalone Linux servers.<\/li>\n\n\n\n<li>Supports both IPv4 and IPv6, country-based blocks (GeoIP), and external blocklists.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"why-use-the-csf-firewall-on-a-linux-server\"><strong>Why Use the CSF Firewall on a Linux Server?<\/strong><\/h2>\n\n\n\n<p>Compared to managing raw iptables\/nftables, CSF provides a cleaner interface, safer defaults, and lots of ready-made protections. <\/p>\n\n\n\n<p><strong>You\u2019ll get:-<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Quick hardening:<\/strong> sensible defaults, minimal open ports.<\/li>\n\n\n\n<li><strong>Brute-force protection:<\/strong> automatic blocking of repeated login failures.<\/li>\n\n\n\n<li><strong>Rate limiting:<\/strong> stop port floods and connection abuse without touching application code.<\/li>\n\n\n\n<li><strong>Observability:<\/strong> clear logs, alerts, and search commands for troubleshooting.<\/li>\n\n\n\n<li><strong>Panel integration:<\/strong> GUI management on popular hosting panels.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"how-csf-works-firewall-plus-lfd-architecture\"><strong>How CSF Works: Firewall + LFD Architecture<\/strong><\/h2>\n\n\n\n<p>CSF manages kernel level packet filtering using iptables (or nftables via iptables compatibility). It enforces inbound\/outbound port rules, connection counts, and flood limits.<\/p>\n\n\n\n<p>LFD continuously parses logs (e.g., SSH, Exim, Dovecot, PAM) and reacts to suspicious events by adding IPs to a deny list, often starting with temporary blocks and escalating to permanent blocks if abuse continues.<\/p>\n\n\n\n<p><strong>A typical flow:-<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Traffic hits the <a href=\"https:\/\/www.youstable.com\/blog\/install-csf-firewall-on-linux\/\">server and is evaluated by kernel firewall rules installed by CSF<\/a>.<\/li>\n\n\n\n<li>LFD watches authentication logs; repeated failures trigger an automated block.<\/li>\n\n\n\n<li>Admin IPs can be allowlisted to prevent accidental lockouts.<\/li>\n\n\n\n<li>Rate limits and connection tracking prevent floods and excessive concurrent connections.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"prerequisites-and-installation-ubuntu-debian-almalinux-rocky-centos\"><strong>Prerequisites and Installation (Ubuntu\/Debian\/AlmaLinux\/Rocky\/CentOS)<\/strong><\/h2>\n\n\n\n<p>Before installing CSF, ensure you have console\/serial access in case of misconfiguration. If using a panel (cPanel\/DirectAdmin), install CSF via the panel\u2019s recommended method or repository.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"1-prepare-the-server\"><strong>1. Prepare the server<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code># RHEL\/AlmaLinux\/Rocky\nsudo dnf update -y\nsudo dnf install -y perl wget tar\n\n# Stop other firewalls to avoid conflicts (you can migrate rules later)\nsudo systemctl stop firewalld 2>\/dev\/null || true\nsudo systemctl disable firewalld 2>\/dev\/null || true\n\n# Ubuntu\/Debian\nsudo apt update\nsudo apt install -y perl wget tar\n# If UFW is enabled, disable it (optional if you plan to replace with CSF)\nsudo ufw disable<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"2-download-and-install-csf\"><strong>2. Download and install CSF<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>cd \/usr\/src\nsudo wget https:\/\/download.configserver.com\/csf.tgz\nsudo tar -xzf csf.tgz\ncd csf\nsudo sh install.sh\n\n# Test required iptables\/nftables modules\nsudo \/usr\/local\/csf\/bin\/csftest.pl<\/code><\/pre>\n\n\n\n<p>If csftest reports OK, proceed. CSF installs two services: csf (rules) and lfd (Login Failure Daemon).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"3-initial-configuration-and-testing-mode\"><strong>3<\/strong>. <strong>Initial configuration and testing mode<\/strong><\/h3>\n\n\n\n<p>By default, CSF starts in TESTING mode so you don\u2019t lock yourself out. Edit the main config and set your essential ports before disabling testing:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo nano \/etc\/csf\/csf.conf\n# Recommended essentials:\n# TESTING = \"1\" &lt;-- keep this until you confirm connectivity\n# TCP_IN = \"22,80,443\"\n# TCP_OUT = \"80,443,53\"\n# UDP_IN = \"53\"\n# UDP_OUT = \"53,123\"\n# IPV6 = \"1\" (if you use IPv6)\n# RESTRICT_SYSLOG = \"3\"\n\n# Then restart CSF\/LFD to apply\nsudo csf -r\nsudo systemctl restart lfd<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"4-disable-testing-mode-when-ready\"><strong>4. Disable testing mode when ready<\/strong><\/h3>\n\n\n\n<p>Once you confirm SSH\/HTTP\/HTTPS access works, set TESTING = &#8220;0&#8221; and reload:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>sudo sed -i 's\/^TESTING = \"1\"\/TESTING = \"0\"\/' \/etc\/csf\/csf.conf\nsudo csf -r\nsudo systemctl enable --now lfd<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"essential-csf-configuration-csf-conf\"><strong>Essential CSF Configuration (csf.conf)<\/strong><\/h3>\n\n\n\n<p>Use the main configuration file at <code>\/etc\/csf\/csf.conf<\/code>. Below are common, secure defaults to adapt to your stack (web, email, DNS, control panel):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code># Core\nTESTING = \"0\"\nIPV6 = \"1\"\nRESTRICT_SYSLOG = \"3\"\n\n# Inbound\/Outbound ports (adjust to your services)\nTCP_IN = \"22,80,443\"\nTCP_OUT = \"80,443,53\"\nUDP_IN = \"53\"\nUDP_OUT = \"53,123\"\n\n# Brute-force detection (LFD)\nLF_SSHD = \"5\"            # 5 failed SSH logins triggers a block\nLF_TRIGGER = \"5\"         # Global trigger level\nLF_PERMBLOCK = \"1\"       # Escalate to permanent bans on repeat offenders\nLF_DIRWATCH = \"300\"      # Monitor web dirs for suspicious files\n\n# Connection tracking &amp; flood controls\nCT_LIMIT = \"150\"         # Max concurrent connections from a single IP\nCT_INTERVAL = \"30\"\nSYNFLOOD = \"1\"\nSYNFLOOD_RATE = \"100\/s\"\nSYNFLOOD_BURST = \"150\"\n\n# Port flood &amp; connection limits (examples)\nPORTFLOOD = \"80;tcp;40;5,443;tcp;40;5\"\nCONNLIMIT = \"22;5,80;50,443;50\"\n\n# Optional: Country blocks (GeoIP must be configured)\n# CC_DENY = \"CN,RU\"\n# CC_ALLOW = \"\"\n\n# Alerts\n# LF_ALERT_TO = \"you@example.com\"<\/code><\/pre>\n\n\n\n<p>Open only the ports you actually use. For example, cPanel servers typically need 2083\/2087, mail servers need 25\/465\/587\/993\/995, and DNS uses 53. After any change, run <code>csf -r<\/code> to reload.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"managing-allow-block-lists\"><strong>Managing Allow\/Block Lists<\/strong><\/h2>\n\n\n\n<p><strong>CSF stores IP lists here:-<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>\/etc\/csf\/csf.allow<\/code> \u2013 allowlist (never block these)<\/li>\n\n\n\n<li><code>\/etc\/csf\/csf.deny<\/code> \u2013 permanent deny list<\/li>\n\n\n\n<li><code>\/etc\/csf\/csf.ignore<\/code> \u2013 LFD will ignore these IPs\/users<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-code\"><code># Allowlist your office IP (prevents lockouts)\nsudo csf -a 203.0.113.10 \"office\"\n\n# Deny a bad IP temporarily (1 hour)\nsudo csf -td 198.51.100.25 3600 \"ssh brute force\"\n\n# Remove a deny\/allow\nsudo csf -dr 198.51.100.25\nsudo csf -ar 203.0.113.10\n\n# Search for an IP across rules\nsudo csf -g 198.51.100.25\n\n# List current rules\nsudo csf -l<\/code><\/pre>\n\n\n\n<p>Note: To open or close ports, edit <code>csf.conf<\/code> (TCP_IN\/TCP_OUT\/UDP_IN\/UDP_OUT) rather than using allow\/deny IP lists.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"common-csf-commands-youll-use-often\"><strong>Common CSF Commands You\u2019ll Use Often<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><code>csf -e<\/code>: Enable CSF<\/li>\n\n\n\n<li><code>csf -x<\/code>: Disable CSF (leaves LFD running)<\/li>\n\n\n\n<li><code>csf -r<\/code>: Reload rules after configuration changes<\/li>\n\n\n\n<li><code>systemctl restart lfd<\/code>: Restart LFD daemon<\/li>\n\n\n\n<li><code>csf --temp<\/code>: View temporary blocks<\/li>\n\n\n\n<li><code>tail -f \/var\/log\/lfd.log<\/code>: Watch LFD activity in real time<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"best-practice-hardening-tips\"><strong>Best-Practice Hardening Tips<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Allowlist your admin IPs first to avoid lockouts.<\/li>\n\n\n\n<li>Keep only necessary ports open; close unused services at the application\/service level.<\/li>\n\n\n\n<li>Enable <code>RESTRICT_SYSLOG=3<\/code> to limit log access and reduce abuse.<\/li>\n\n\n\n<li>Tune <code>CT_LIMIT<\/code>, <code>PORTFLOOD<\/code>, and <code>CONNLIMIT<\/code> for your traffic profile (e.g., higher values for busy WooCommerce stores).<\/li>\n\n\n\n<li>Use temporary bans first to analyze false positives, then escalate to permanents.<\/li>\n\n\n\n<li>Rotate logs and monitor LFD alerts to spot attack patterns early.<\/li>\n\n\n\n<li>Test GeoIP blocks carefully; country blocks can cause legitimate user issues.<\/li>\n\n\n\n<li>If you use a CDN or reverse proxy, consider allowlisting its IP ranges and rate-limiting at the edge, too.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"troubleshooting-csf-and-lfd\"><strong>Troubleshooting CSF and LFD<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Accidental lockout:<\/strong> if you still have console access, run <code>csf -x<\/code> to disable; fix rules, allowlist your IP, then <code>csf -e<\/code>.<\/li>\n\n\n\n<li><strong>No connectivity after enabling:<\/strong> ensure your SSH port is included in <code>TCP_IN<\/code> and your web ports in <code>TCP_IN<\/code>\/<code>TCP_OUT<\/code>; reload CSF.<\/li>\n\n\n\n<li><strong>Firewall conflicts:<\/strong> stop\/disable firewalld or UFW if CSF is your primary firewall.<\/li>\n\n\n\n<li><strong>Missing kernel modules:<\/strong> run <code>\/usr\/local\/csf\/bin\/csftest.pl<\/code> and install required packages; ensure iptables\/nftables is available.<\/li>\n\n\n\n<li><strong>NAT\/Cloud networking:<\/strong> verify the correct network interface and that your provider\u2019s security groups permit the same ports.<\/li>\n\n\n\n<li><strong>Debugging:<\/strong> check <code>\/var\/log\/lfd.log<\/code> and <code>\/var\/log\/messages<\/code>\/<code>syslog<\/code> for clues; use <code>csf -g &lt;IP&gt;<\/code> to locate matched rules.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"csf-vs-fail2ban-ufw-and-firewalld\"><strong>CSF vs. Fail2ban, UFW, and Firewalld<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>CSF vs Fail2ban:<\/strong> Both watch logs and block attackers. CSF bundles firewall management + LFD in one tool; Fail2ban typically works alongside UFW\/iptables. CSF offers a broader, integrated suite with simpler port and limit controls.<\/li>\n\n\n\n<li><strong>CSF vs UFW\/Firewalld: <\/strong>UFW\/Firewalld are primarily rule managers. CSF adds intrusion prevention, rate limiting, flood control, and hosting-panel integration.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"real-world-use-cases-and-example-port-sets\"><strong>Real World Use Cases and Example Port Sets<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>WordPress-only server:<\/strong> open 22, 80, 443. Add <code>PORTFLOOD<\/code> on 80\/443, <code>CONNLIMIT<\/code> on 22. Consider a CDN and WAF at the edge for DDoS mitigation.<\/li>\n\n\n\n<li><strong>cPanel hosting:<\/strong> 22, 80, 443, 2083, 2087, 21 (if FTP), email ports (25\/465\/587\/993\/995), 53 for DNS. Monitor LFD for mail auth abuse.<\/li>\n\n\n\n<li><strong>Mail relay:<\/strong> 22, 25\/465\/587, 993\/995, 53. Tighten <code>CT_LIMIT<\/code> and watch for SMTP auth brute-force.<\/li>\n\n\n\n<li><strong>SFTP-only node: <\/strong>22 with <code>CONNLIMIT<\/code> and stricter <code>LF_SSHD<\/code> thresholds; disable all web ports.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"security-and-performance-considerations\"><strong>Security and Performance Considerations<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>DDoS reality check:<\/strong> CSF can rate-limit and block obvious abusers but won\u2019t stop large volumetric attacks. Use upstream protection (CDN\/WAF, provider-level filters) for serious DDoS.<\/li>\n\n\n\n<li><strong>Keep overhead low:<\/strong> reasonable limits (<code>CT_LIMIT<\/code>, <code>PORTFLOOD<\/code>) protect services without harming legitimate traffic.<\/li>\n\n\n\n<li><strong>Outbound controls:<\/strong> restrict <code>TCP_OUT<\/code>\/<code>UDP_OUT<\/code> to reduce malware exfiltration risk.<\/li>\n\n\n\n<li><strong>IPv6 parity:<\/strong> mirror IPv4 rules for IPv6 if <code>IPV6=1<\/code> is enabled.<\/li>\n\n\n\n<li><strong>Change management:<\/strong> document rules, use version control for configs in teams, and apply changes during maintenance windows.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" class=\"wp-block-heading\" id=\"faqs-csf-firewall-on-linux-server\"><strong>FAQ&#8217;s &#8211; CSF Firewall on Linux Server<\/strong><\/h2>\n\n\n<div id=\"rank-math-faq\" class=\"rank-math-block\">\n<div class=\"rank-math-list \">\n<div id=\"faq-question-1765616521490\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"is-csf-a-firewall-or-just-a-gui\"><strong>Is CSF a firewall or just a GUI?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>CSF is a full firewall management suite that configures iptables\/nftables rules and includes LFD for intrusion prevention. While it offers GUIs in hosting panels, it\u2019s not just a front end\u2014its features go far beyond a simple rule editor.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765616530912\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"does-csf-work-with-nftables\"><strong>Does CSF work with nftables?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Yes. On modern distributions, CSF can operate via iptables compatibility layers over nftables. You don\u2019t need to retool your workflow\u2014CSF abstracts the underlying packet filter and manages the rules for you.<\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765616586411\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-open-a-port-in-csf\"><strong>How do I open a port in CSF?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p>Edit <code>\/etc\/csf\/csf.conf<\/code> and add the port to <code>TCP_IN<\/code> (inbound) or <code>TCP_OUT<\/code> (outbound), then reload:<\/p>\n<p><code>sudo nano \/etc\/csf\/csf.conf<br \/># Add e.g. 8080 to TCP_IN<br \/>TCP_IN = \"22,80,443,8080\"<br \/>sudo csf -r<\/code><\/p>\n\n<\/div>\n<\/div>\n<div id=\"faq-question-1765616609416\" class=\"rank-math-list-item\">\n<h3 class=\"rank-math-question \" class=\"rank-math-question \" id=\"how-do-i-remove-a-block-or-unblock-my-ip\"><strong>How do I remove a block or unblock my IP?<\/strong><\/h3>\n<div class=\"rank-math-answer \">\n\n<p><strong>First, search for your IP:-<br \/><\/strong><code>sudo csf -g &lt;your-ip&gt;<\/code><br \/><strong>If it\u2019s on the deny list, remove it and reload:-<br \/><\/strong><code>sudo csf -dr &lt;your-ip&gt;<br \/>sudo csf -r<\/code><\/p>\n\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>CSF firewall (ConfigServer Security &amp; Firewall) is a robust, iptables\/nftables based security suite for Linux servers. It combines a stateful [&hellip;]<\/p>\n","protected":false},"author":21,"featured_media":13826,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[350,1195],"tags":[],"class_list":["post-12724","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase","category-blogging"],"acf":[],"featured_image_src":"https:\/\/www.youstable.com\/blog\/wp-content\/uploads\/2025\/12\/What-is-CSF-Firewall-on-Linux-Server.jpg","author_info":{"display_name":"Sanjeet Chauhan","author_link":"https:\/\/www.youstable.com\/blog\/author\/sanjeet"},"_links":{"self":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/users\/21"}],"replies":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/comments?post=12724"}],"version-history":[{"count":7,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12724\/revisions"}],"predecessor-version":[{"id":13828,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/posts\/12724\/revisions\/13828"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media\/13826"}],"wp:attachment":[{"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/media?parent=12724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/categories?post=12724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.youstable.com\/blog\/wp-json\/wp\/v2\/tags?post=12724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}