WHM/CPanel Centos 7: enabling ipset in csf

Prerequisite:

• Iptables & Ipset
• Serverconfig v7.54 or later

Follow WHM/CPanel centos 7: blocking brute force attack to replace firewalld with iptables and ipset.

Download and Install serverconfig:

# wget http://configserver.com/free/csf.tgz# tar -xzf csf.tgz# cd csf & ./install.cpanel.sh

To enable ipset in csf, edit file /etc/csf/csf.conf or edit it via WHM/CPanel:

TESTING = “0”
LF_IPSET = 1
TCP_IN= “22,80,53,443” 
TCP_OUT=”22,80,53,443″
UDP_IN=”53″
UDP_OUT=”53″

NOTE: don't forget to add your port services

Restart your csf

# service csf restart

Or via WHM/CPanel click Restart CSF+LFD

References:

• https://documentation.cpanel.net/plugins/servlet/mobile#content/view/7536715 
• http://blog.configserver.com/?p=2329 
• http://codeisgreen.net/blog/2015/09/21/ipset-for-cpanelwhm-and-csf/?id=8&title=ipset-for-cpanel-whm-and-csf