Firewall and CSF Missing After CyberPanel 2.4.3 Update

Support and Discussion Updates
1

Problem Description:

I recently updated my CyberPanel to version 2.4.3 (commit: a4791035d08e642283f07dcae4756330f1a9d01a), and I’m experiencing issues with the firewall functionality. After the update:

  • The CSF (ConfigServer Security & Firewall) has disappeared from the control panel
  • When trying to access firewall settings, I get a “not found” error screen
  • The firewall management interface is completely inaccessible

System Information:

  • CyberPanel Version: 2.4.3
  • Commit Hash: a4791035d08e642283f07dcae4756330f1a9d01a
  • Previous version worked fine with CSF

What I’ve Tried:

  • Checked if CSF is still installed on the system
  • Looked for any error messages in logs
  • Attempted to access firewall settings through different menu paths

Questions:

  1. Is this a known issue with CyberPanel 2.4.3?
  2. Has CSF support been intentionally removed or disabled in this version?
  3. Are there any official workarounds or fixes available?
  4. Will CSF support be restored in future updates?

Impact:
This issue is critical as it leaves my server without proper firewall protection. Any guidance or solutions would be greatly appreciated.

Additional Notes:
The server was functioning normally before the update, and CSF was properly configured and working. The issue appeared immediately after completing the update to version 2.4.3.

2

It’s been removed because ConfigServer is shutting down: See github commit a4791035d08e642283f07dcae4756330f1a9d01a

1 Like
3

No, that is still incorrect behavior on CyberPanel’s part and a gross misunderstanding of and negligence in the handling of what the software’s EOL and company’s closure means for ConfigServer users. Per ConfigServer (CC: @usmannasir), the software will still work without updates and they are opening the source code as well. Thus, unless I give permission or advise me during install (with an option to retain), CyberPanel shouldn’t be deleting or removing software that still works and I need. Further, the blocklists are actively updated by the third parties independent of the software’s development state. Like many, I use its LDF to protect my server and your removal or hiding of it is not what I have approved. ConfigServer is vastly superior to the built-in plain-Jane firewall even without regular updates.

Can I keep using the software I have installed on my server after 31 August?

Yes, you can keep using the software as long as you update it to the latest version before the 31st of August. After that date, if you have not upgraded to the latest version, the software will stop working. This applies to ConfigServer eXploit Scanner, Outgoing Spam Monitor, and MailScanner Front-End.

Will your free scripts continue to work after the 31st of August?

Yes, ConfigServer Mail Manage (csm), CS Mail Queues (cmq), CS Modsecurity Control (cmc), CS Explorer (cse) and ConfigServer Security & Firewall (csf) will continue to work. They will no longer be updated, however, and will not be available for download or install.

Source:

4

Here is a mirrored copy of the latest version of ConfigServer Security and Firewall for those who need it:

https://1drv.ms/u/c/2e27fe2f55eeb04e/EWfTnnqSSxxFkPZD27iyqoABOMe24sHWm0Byrv-YUesxcA?e=HMeWxj

5

I’m not on their team, I just noticed the update on GitHub. I agree more advanced notice would have been better, though in fairness, ConfigServer didn’t give much notice either.

6

True as far as ConfigServer is concerned. On the same token, however, CSF will continue to work as it is in a mature state. The software has remained stable for years and has needed virtually no refinements or tweaking outside of the CyberPanel integration that happened years ago. Further, the built-in firewall does not offer the proactive protection or advanced blocklists of CSF. Throwing the baby out with the bath water for preexisting installations is not an appropriate approach. In fact, CSF has been a lifesaver against hackers for my installations and I would never go without it.

3 Likes
7

But then the CSF web interface will also no longer be available under CyberPanel?

8

You are correct, CSF and the interface is removed but you can reinstall it together with the interface by executing the following:

#backup current csf configuration
zip -r csf-backup.zip /etc/csf/

#Reinstall CSF
#The below line no longer works in 2.4.4
/usr/local/CyberCP/bin/python3 /usr/local/CyberCP/plogical/csf.py installCSF

#Alternate CSF install
bash <(curl -s https://sajetekengineering.com/wp-content/uploads/cyberpanel/install_csf_cyberpanel.sh) skip

#Fix for saving the configurations in 2.4.x
if ! grep -q "configservercsf" /usr/local/CyberCP/CyberCP/secMiddleware.py; then sed -i -E "s/if.*valueAlreadyChecked == 0/& and request.path != '\/configservercsf\/iframe\/'/g" /usr/local/CyberCP/CyberCP/secMiddleware.py; fi
find /usr/local/CyberCP/ -type d -name __pycache__ -exec rm -r {} \+ && systemctl restart lscpd && systemctl restart lsws

#Restore CSF configurations and restart CSF
unzip -o csf-backup.zip -d /
csf -r
4 Likes
9

Thank you @sajetek_developer

10

instead of removing, why isn’t CSF replaced with this fork?! GitHub - Aetherinox/csf-firewall: ConfigServer Firewall (CSF) - new dark theme, setup guides, Docker and OpenVPN support. Constantly updated IP Blocklists (for any firewall, host file). Includes Traefik integration with Authentik and ip whitelisting middlewares.

1 Like
11

I use ALMA Linux and that one line was all I needed to get the firewall page back up, will likely need to config it again as I did not do the saving of config etc in the earlier step.
But thanks for this I was trying to work out what had happened and why the firewall page just stopped working.

12

This was a terrible move on the part of CyberPanel.
Removing a firewall is a major security issue.
It’s now November and I just noticed I didn’t have a firewall anymore, untill today when I was fixing another issue on my server, that came out of nowhere.