Remove any old versions: rm -fv csf.tgz
Download and install:

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

To disable run this from root:

sh disable_apf_bfd.sh

To update from root run this:

/usr/sbin/csf -u

To flush all blocks run this:

/usr/sbin/csf -f

Usage: /usr/sbin/csf [option] [value]

Option Meaning
-h, –help Show this message
-l, –status List/Show iptables configuration
-s, –start Start firewall rules
-f, –stop Flush/Stop firewall rules
-r, –restart Restart firewall rules
-a, –add [ip] Add an IP address to be whitelisted to /etc/csf.allow
-d, –deny [ip] Add an IP address to be blocked to /etc/csf.deny
-u, –update Checks for updates to csf+lfd and performs an upgrade if available
-x, –disable Disable csf and lfd
-e, –enable Enable csf and lfd if previously disabled
-v, –version Show csf version

If you would like to disable APF+BFD (which you will need to do if you have
them installed otherwise they will conflict horribly):

sh disable_apf_bfd.sh

That’s it. You can then configure csf and lfd in WHM, or edit the files
directly in /etc/csf/*

csf is preconfigured to work on a cPanel server with all the standard cPanel
ports open. It also auto-configures your SSH port if it’s non-standard on
installation.

You should ensure that kernel logging daemon (klogd) is enabled. Typically, VPS
servers have this disabled and you should check /etc/init.d/syslog and make
sure that any klogd lines are not commented out. If you change the file,
remember to restart syslog.

See the readme.txt file for more information.

Uninstallation
==============
Removing csf and lfd is even more simple:

cd /etc/csf
sh uninstall.sh