v15.01 to Newer
About Versioning¶
This repository categorizes ConfigServer Security & Firewall (CSF) into two distinct development eras:
| Version Range | Developer | Description | This Page Covers |
|---|---|---|---|
| v15.01 and Newer | Aetherinox | Maintained after August 2025 | |
| v15.00 and Older | Way to the Web | Legacy releases prior to August 2025 |
The final release of CSF v15.00 by Way to the Web removed all automatic update functionality as a result of the company shutting down. Consequently, automatic updates no longer work on that version.
CSF v15.01 was the first release maintained by this repository, which restored automatic update support by introducing new servers.
To regain automatic update functionality, any server running CSF v15.00 and older by the company Web to the Web, must be migrated to this repository’s maintained version of CSF v15.01 and newer.
Update from v15.x to Newer ¶
This page outlines the process for updating ConfigServer Security & Firewall (CSF) after you have completed the initial installation on your server.
These instructions assume that you currently have CSF v15.x or newer installed on your server, and are looking to update to the latest version.
If you are already running CSF v15.x by Aetherinox, updating to the latest version is extremely simple.
There are two methods you can use for updating CSF:
- Automatic using the built-in update utility.
- Manually by downloading the latest CSF files and running the
install.shscript.
Automatic¶
To update CSF automatically, you can run the terminal command to check for updates:
You should see one of the following depending on if an update is available or not:
If you want CSF to automatically update without performing a check first, use the command below. If a newer version is available, it will install it immediately without any prior notification.
You can also run a forced update, which installs the latest available version of CSF regardless of whether an update is detected. This command will overwrite the current installation files even if you’re already up to date.
Manually¶
To update CSF manually, verify the current running version with the command below:
Once you have established the current running version, you can check our official repository releases page for the latest version available.
To download the latest version, grab it using one of the commands below:
Decompress / unzip the downloaded archive file:
Run the CSF installation script:
Follow any instructions on-screen. If prompted for any additional information, enter it. Once the wizard completes, you can confirm if CSF is installed and functioning by accessing your server via SSH, and running the CSF version command:
Confirm the status of csf by running:
● csf.service - ConfigServer Security & Firewall - csf
Loaded: loaded (/lib/systemd/system/csf.service; enabled; vendor preset: enabled)
Active: active (exited) since Mon 2025-11-19 23:45:04 UTC; 14 seconds ago
Main PID: 597 (code=exited, status=0/SUCCESS)
CPU: 0min 14.956s
Notice: journal has been rotated since unit was started, output may be incomplete.
Next Steps ¶
Select what documentation you would like to proceed with next ...
-
Starting CSF requires disabling testing mode and enabling the firewall so it runs normally.
This chapter explains how to start both CSF and LFD services and ensure they launch on boot.
You’ll also find troubleshooting tips for common startup errors and how to fix them quickly.
-
The web interface lets you manage your firewall through a browser instead of a command line.
This chapter covers installation of dependencies, enabling the interface, and whitelisting your IP for security.