<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Impacted by the ConfigServer EOL?

ConfigServer EOL: Announcing Our New Migration Tool from CSF to Imunify360

IM_configserverEOL (1)

As many of you know, ConfigServer officially ceased all operations on August 31 2025, marking the end-of-life for its entire suite of products, including the widely-used ConfigServer Security & Firewall (CSF) service. So, what should you do next?

For the many administrators who have relied on CSF, this creates an urgent need for a stable, supported, and modern security solution. Today, we are pleased to announce that solution: our new CSF Migration Tool for Imunify360.

This tool is designed to make your transition from CSF to the comprehensive security of Imunify360 as smooth and straightforward as possible.

Why Migrate Now?

Continuing to run EOL software like CSF can pose a significant security risk. Without active development, the software will not receive updates to protect against new vulnerabilities and emerging threats, leaving your servers exposed.

This migration is also a significant opportunity to upgrade your server's defense capabilities. By moving to Imunify360, you replace a standalone firewall with a comprehensive, six-layer security platform. You gain a system that is actively developed, managed by a global team of security experts, and backed by 24/7 support.

How the New Migration Tool Works

To simplify your transition, our new command-line tool automatically scans your existing CSF configuration files and converts the supported rules into the Imunify360 format.

The tool will automatically migrate:

  • Country allow/deny lists → migrated to Imunify360’s whitelist/blacklist.
  • SMTP blocking settings → written into Imunify360 config files.
  • IP allow/deny lists (csf.allow / csf.deny) → migrated into Imunify360 whitelist/blacklist.
  • Advanced filters (ports, protocols, sources) → migrated where supported.

The tool is safe to run multiple times. It will not break your configuration or create duplicate rules, giving you peace of mind during the migration process.

Step-by-Step Migration Guide

The migration tool is included in the latest version of Imunify360. Here’s how to use it in four simple steps.

Step 1: Verify the Tool's Presence

First, ensure your server has the latest version of Imunify360 by checking for the migration tool's directory:

/opt/imunify360/venv/share/imunify360/scripts/migrate_csf

If this directory is missing, your server has not yet updated. You can either force a manual update or wait a couple of days for the regular update cycle to complete.

Step 2: Run the Migration Script

Once you've confirmed the tool is present, navigate to the directory and execute the script.

cd /opt/imunify360/venv/share/imunify360/scripts/migrate_csf
./main.py # executable, no python prefix needed

Step 3: Verify the Migration

The tool will display color coded logs in your console as it runs. For a complete record of all actions taken, you can review the detailed log file located at:

/var/log/imunify360/migrate_csf.log

Step 4: Disable and Remove CSF

Once you have successfully migrated your configuration, you must disable CSF to allow Imunify360's firewall to take over your protection.

csf -x
systemctl disable csf
systemctl disable lfd
 

To Keep An Eye On

Our goal with this initial release is to cover the most common CSF configurations, providing a quick transition path for the vast majority of users. However, it's important to note a few features that are not yet covered in this version of the tool. Here’s what you should look out for in the migration logs:

  • IPv6: only /64 networks are currently supported. Individual IPv6 addresses or other subnet sizes will trigger warnings.
  • Dangerous ranges: configurations like 0.0.0.0/0 are flagged as unsafe.
  • Malformed/unsupported filters: e.g. some advanced filters with missing destination ports or unsupported directions (out) are skipped.
  • Host bits in IPv4 subnets: certain ranges with misaligned masks will be corrected or skipped.

We are actively working to expand support so that more CSF options can be migrated seamlessly.

The Road Ahead

This tool is part of our ongoing commitment to making Imunify360 the most robust and configurable security platform available.

We are already working on future enhancements to our firewall, including broader IPv6 compatibility, increased configuration flexibility, and to include additional popular features that CSF users have come to love.

The migration tool will ship as part of the standard Imunify360 installation and will continuously improve.

Get Started Today

With our new migration tool, moving from the discontinued CSF to a modern, fully-supported security platform couldn’t be easier.

  • Not an Imunify360 user yet? This is a great opportunity to upgrade your server's security. Learn more and get started today.
  • Already an Imunify360 customer? If you have any questions about the migration process, please don't hesitate to check out our documentation or contact our support team.

 

 

ConfigServer EOL: Announcing Our New Migration Tool from CSF to Imunify360

IM_configserverEOL (1)

As many of you know, ConfigServer officially ceased all operations on August 31 2025, marking the end-of-life for its entire suite of products, including the widely-used ConfigServer Security & Firewall (CSF) service. So, what should you do next?

For the many administrators who have relied on CSF, this creates an urgent need for a stable, supported, and modern security solution. Today, we are pleased to announce that solution: our new CSF Migration Tool for Imunify360.

This tool is designed to make your transition from CSF to the comprehensive security of Imunify360 as smooth and straightforward as possible.

Why Migrate Now?

Continuing to run EOL software like CSF can pose a significant security risk. Without active development, the software will not receive updates to protect against new vulnerabilities and emerging threats, leaving your servers exposed.

This migration is also a significant opportunity to upgrade your server's defense capabilities. By moving to Imunify360, you replace a standalone firewall with a comprehensive, six-layer security platform. You gain a system that is actively developed, managed by a global team of security experts, and backed by 24/7 support.

How the New Migration Tool Works

To simplify your transition, our new command-line tool automatically scans your existing CSF configuration files and converts the supported rules into the Imunify360 format.

The tool will automatically migrate:

  • Country allow/deny lists → migrated to Imunify360’s whitelist/blacklist.
  • SMTP blocking settings → written into Imunify360 config files.
  • IP allow/deny lists (csf.allow / csf.deny) → migrated into Imunify360 whitelist/blacklist.
  • Advanced filters (ports, protocols, sources) → migrated where supported.

The tool is safe to run multiple times. It will not break your configuration or create duplicate rules, giving you peace of mind during the migration process.

Step-by-Step Migration Guide

The migration tool is included in the latest version of Imunify360. Here’s how to use it in four simple steps.

Step 1: Verify the Tool's Presence

First, ensure your server has the latest version of Imunify360 by checking for the migration tool's directory:

/opt/imunify360/venv/share/imunify360/scripts/migrate_csf

If this directory is missing, your server has not yet updated. You can either force a manual update or wait a couple of days for the regular update cycle to complete.

Step 2: Run the Migration Script

Once you've confirmed the tool is present, navigate to the directory and execute the script.

cd /opt/imunify360/venv/share/imunify360/scripts/migrate_csf
./main.py # executable, no python prefix needed

Step 3: Verify the Migration

The tool will display color coded logs in your console as it runs. For a complete record of all actions taken, you can review the detailed log file located at:

/var/log/imunify360/migrate_csf.log

Step 4: Disable and Remove CSF

Once you have successfully migrated your configuration, you must disable CSF to allow Imunify360's firewall to take over your protection.

csf -x
systemctl disable csf
systemctl disable lfd
 

To Keep An Eye On

Our goal with this initial release is to cover the most common CSF configurations, providing a quick transition path for the vast majority of users. However, it's important to note a few features that are not yet covered in this version of the tool. Here’s what you should look out for in the migration logs:

  • IPv6: only /64 networks are currently supported. Individual IPv6 addresses or other subnet sizes will trigger warnings.
  • Dangerous ranges: configurations like 0.0.0.0/0 are flagged as unsafe.
  • Malformed/unsupported filters: e.g. some advanced filters with missing destination ports or unsupported directions (out) are skipped.
  • Host bits in IPv4 subnets: certain ranges with misaligned masks will be corrected or skipped.

We are actively working to expand support so that more CSF options can be migrated seamlessly.

The Road Ahead

This tool is part of our ongoing commitment to making Imunify360 the most robust and configurable security platform available.

We are already working on future enhancements to our firewall, including broader IPv6 compatibility, increased configuration flexibility, and to include additional popular features that CSF users have come to love.

The migration tool will ship as part of the standard Imunify360 installation and will continuously improve.

Get Started Today

With our new migration tool, moving from the discontinued CSF to a modern, fully-supported security platform couldn’t be easier.

  • Not an Imunify360 user yet? This is a great opportunity to upgrade your server's security. Learn more and get started today.
  • Already an Imunify360 customer? If you have any questions about the migration process, please don't hesitate to check out our documentation or contact our support team.

 

 

Subscribe to Imunify security Newsletter