New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Like our fellow members wrote above, we should be cool, I think they're definitely releasing it as FOSS, I'd be willing to create a fork and a nice team so we can keep it updated, add more features and a promise NOT to make it commercial.
I know many companies will try to make it commercial which destroys pretty much the whole concept.
In over 20 years of system administration experience, I've recommended it thousands of times and installed it on many thousands of servers as well - keeping it free is one of my goals, so if there's any commercial project coming from it, I definitely do not advise it.
Now technically speaking, this would be very easy:
1 - Fork and rename it (I already got an excellent idea for its name);
2 - Review the codebase to get familiar with its code;
3 - Implement the auto-update directly to the Github latest release;
4 - Create a website where users can create feature requests;
5 - Use Github for bug reporting and code improvement / new features.
All this, FOSS.
--
If they don't release it, I'll just work on creating similar software using AI to start with, mimicking most features.
While a drop-in replacement would be nice, it's not that easy, you'd need to adapt their config files etc, but we could keep it similar.
If anyone is interested in joining the FOSS project, either with CSF's codebase or not, PM me.
Yeah, they updated their site/FAQ to say as much, so ideally, they make it easier, i.e. just give a variable to override the currently hardcoded download URLs.
In what language does csf written?
predominantly in PERL
I hope they release CMC too!
Yeah exactly. Let's see how it goes.
This is indeed unfortunate. The CSF software is very useful.
Not sure about their other software, but CSF gets installed with automatic updates enabled by default. I would encourage anyone running CSF to disable automatic updates and remove the hard-coded update URLs from the code.
We don't know where and in whose hands the update domain will end up after the company's closure. Maybe not right now, but eventually, someone malicious might get this domain and would essentially be able to compromise all the servers with automatic updates enabled.
looks like it will live on: https://configserverfirewall.org/
I’m not sure that website implies anything - it looks to be something a user of CSF has put together. It’ll be much more interesting to see what is released by the company, who have said they’re actively working on an open source release.
That is correct: https://configserverfirewall.org/t/introduction-introduce-yourself/18
Hopefully it lives on, it’s been great over the years.
Better than started by someone not a CSF user?
/positive spin
7 days till shut down !
Eagerly awaiting positive news. Imunify360 is a good alternative but there's still some nice feature in CSF that I use, like regex-ing to block wp-admin & ajax floods.
Looks like free scripts were released under open source licensing ~2hrs ago https://github.com/waytotheweb/scripts. I compared the CSF Firewall GPLv3 open source code (v15.00) to the last configserver.com released code (v14.24) and wrote a summary at https://github.com/centminmod/configserver-scripts/blob/main/README-gpl-csf.md.
It would be really good if a serious group continue in long term the maintenance and development of this tool/code.. to keep it reliable and up to date for new and legacy systems..
I agree. such a smooth and lightweight tool going away!
Indeed.
For folks curious, I asked various AIs about what it would take to get CSF updated to support nftables and ended up with these responses https://github.com/centminmod/configserver-scripts/tree/main/csf-nftables
Looks like site and domain are shutdown now too https://download.configserver.com/csf/ is no more
CSF, I will miss you.
Going to miss MSFE
I thought I'd explore some AI research on CSF Firewall closure sentiment, discussions, and alternatives to see what the rest of the internet is discussing. Posted the AI research findings on my forked repo of official Configserver's GPLv3 open source repo at https://github.com/centminmod/configserver-scripts/tree/main/csf-shutdown-sentiment-alternatives. Enjoy
Imunify360 endorsement is really concerning. It is India based product, those are well known to be subpar at best.
I thought their staff were predominantly based in Eastern Europe. The CloudLinux careers page also shows the same for the current open Imunify360 positions.
Hm, I may retract than my assumptions. Yes, CL is made by ru. But CL dev was with nginx, so his technical knowledge is good.
Has anyone tried https://mailwatch.org/ or https://efa-project.org/ as a replacement for MSFE? Any other free option? Could you comment on alternative front ends for MailScanner?
i did one with IA pretty similar to the server check, i miss that.
https://github.com/chandro/CSF-alternative/
is just for console
In case anyone missed it, there's already a fork available with an installer:
https://github.com/Aetherinox/csf-firewall
Also, $dayjob has forked it too, but we'll likely be gutting it to suit needs, so we won't be making it public any time soon (if ever).
Looks like cPanel working on their own fork for CSF Firewall based on open sourced version https://features.cpanel.net/c/202-firewall-configuration-tool
FYI, I started a public tracking Github repo for Aetherinox CSF Firewall version that compares changes to official CSF v15.00 GPLv3 release at https://github.com/centminmod/csf-firewall-aetherinox-tracking and direct file at aetherinox-fork-changes.md star if you like