-
Notifications
You must be signed in to change notification settings - Fork 259
InterWorx
Heisenbug edited this page Mar 5, 2026
·
1 revision
Home · Start Here · Reference Map
- How CSF integrates with InterWorx and replaces APF hooks.
- UI behavior changes after installation.
- Post-install alert and plugin behavior notes.
Related guides: Integrations-Guide, Panel Integrations Guide
| Item | Detail |
|---|---|
| APF replacement | CSF installs a stub at /etc/apf/apf that redirects commands to CSF |
| Stub protection | The stub is locked with chattr +ia to prevent overwrites |
| NodeWorx Firewall page | Replaced with a dummy page pointing to CSF; auto-restored by LFD on restart |
| CSF UI location | NodeWorx → ConfigServer Services → ConfigServer Firewall & Security |
| Plugin auto-enabled | Yes — toggling the plugin on/off only affects the UI presence, not CSF itself |
InterWorx integration replaces the underlying APF dependency. Installing CSF
places a stub script at /etc/apf/apf that redirects commands to CSF. The
stub is chattr +ia locked to prevent it being overwritten.
Note: None of the APF conf files are used and are ignored by CSF.
The NodeWorx Firewall UI page is replaced with a dummy page stating that CSF should be used instead. LFD re-applies this replacement on restart in case InterWorx upgrades overwrite it.
| File | Purpose |
|---|---|
/etc/apf/apf |
Stub script redirecting APF commands to CSF |
/etc/csf/csf.conf |
Primary CSF configuration |
/etc/cxs/interworx.firewall |
Create this empty file to stop LFD from replacing the NodeWorx Firewall page |
- Install CSF using the standard installer — InterWorx integration is automatic.
- Do not use the NodeWorx Firewall UI for rule changes; use the CSF UI or CLI instead.
- Set
LF_ALERT_TOto a real email address incsf.conf(InterWorx does not configure a root forwarder by default). - Restart both CSF and LFD:
csf -ra - Verify the CSF UI is accessible under ConfigServer Services in NodeWorx.
- After InterWorx upgrades, confirm the Firewall page redirect is still in place.
If you want to prevent LFD from replacing the NodeWorx Firewall page on restart:
touch /etc/cxs/interworx.firewall- Using the NodeWorx Firewall page — changes made there are not reflected in iptables; always use the CSF UI or CLI.
-
Missing
LF_ALERT_TO— without a root forwarder or explicit alert address, LFD alerts go nowhere. - InterWorx upgrades — can overwrite the dummy Firewall page; LFD restores it on restart, but check after major upgrades.
-
APF stub locked with
chattr +ia— do not remove or modify the stub unless you are uninstalling CSF. - Plugin toggle confusion — enabling/disabling the InterWorx plugin only controls UI visibility, not CSF functionality.
Last reviewed: 2026-02-27
← Previous: CloudFlare · See also: CentOS Web Panel (CWP)
- Security Features Guide
- Cloud & Container Hardening
- Automation & IaC
- IPv6 Deployment & Hardening
- IP Block Lists
- Reference Map
- Introduction
- csf Principles
- lfd Principles
- csf CLI Options
- lfd CLI Options
- Login Tracking
- Regex Custom Cookbook
- Script Email Alerts
- Process Tracking
- Directory Watching
- Advanced Filters
- Multiple Ethernet
- Generic Linux
- FTP Issues
- Messenger Service
- Block Reporting
- Port Flood
- Pre/Post Scripts
- Port Knocking
- Connection Limit
- Port/IP Redirect
- Integrated UI
- RESTRICT_SYSLOG
- Exim SMTP AUTH
- UI Skinning
- InterWorx
- CentOS Web Panel