ConfigServer has posted on their blog they are discontinuing their products (including CSF) on August 31, 2025
More info: https://blog.configserver.com/?p=4137
Personally I don’t use CSF but I know a lot of folks here do, so thought it might be useful information.
I haven’t seen a update for quiet a while. It should still function ok as its not commercial software but no forum, support and of cause no updates.
Pitty it wasn’t a bad bit software, I just downloaded a copy before it shutdown.
I use to use mailscanner with webmin donkey years ago, and that went the way of the dinosaur, another bit software that good but no one made money.
Mailscanner isn’t all that dead…looks like it’s had updates less than a year ago. Maybe it just doesn’t need to change much. It’s got pretty limited scope.
Yeah I was just checking the github, I use the addon mailwatch with it and it was easy to look at the mail (looking for scammers I guess) with webmin, but that changed since virtualmin.
Chasing memories 
I actually have the Mailscanner book still.
I am on Rocky 9 and still using it . (works well for me ) So thanks for the news .
They did not wait to close the forum … I guess there is still the internet archive 
In the Faq , the last question and answer is :
Yes, we are seriously considering releasing csf (ConfigServer Security & Firewall) under the GPLv3 license. If we do this, it will be before we close for business and the software will be made available via our GitHub repository.
If they are only giving users 30 days before the company shuts down, there must be more to the story.
cPanel/WHM just use ConfigServer, I wonder if they paid this company any money and what they will do now.
Perhaps change to a similar setup to webmin/virtualmin eg fail2ban/firewalld tbf i ditched both fail2ban & firewalld because of the really slow time and processing power that these applications use at startup if there is a substantial set of ip’s to ban. So i coded my own and have never looked back
Funny, I didn’t know about this thread and asked them the same thing in an email earlier today.
Sounds to me like yet another business that cannot afford the increase in human resources/staff based on dwindling income (solid business plan) left with the only option to go GPL via Git.
The Internet is being strangled to death by all the new rules
Last I checked it seemed they used CSF as a hook to get business for their other offerings. Maybe cPanel is just dwindling since their new overlord overhauled pricing plans?
EDIT: From what I remember, a lot of their offerings targeted people without a lot of experience. Things like tweaking cPanel installs so lots of the more casual cPanel users may have migrated (or new comers simply looked to another product from the start ) and killed that business. The more experienced wasn’t gonna pay for these ‘optimizations’.
I just got a response from a developer:
> We are actively working on csf so that we can release it under the
GPLv3 license. Our other free scripts will likely follow. If and when
we do release them it will be to our GitHub repository:
https://github.com/waytotheweb/scripts
ignorant question(s): why would there be any hesitation in going the GPL route? are there any potential downsides?
We don’t know that the code doesn’t contain some propriety software we don’t know about or their may be some other borrowed code that conflicts with being released under GPLv3? Not really much point guessing though.
Is is the one thing that I was looking for in their Faq 
( It seems their website is down now )
thanks for the link by the way , hope it will be release . The csf/lfd combo with webmin works well on rocky 9 which I did not expected coming from rocky 8. The webmin plugin is very good .
For rocky 10 I do not know yet , perhaps it will better to switch to firewalld and use your new module .
Thanks! Though it took a lot of effort to integrate and style it.
I hope they can release CSF under the
GPL license. I prefer to use this firewall.
Just in case, any tips to transfer my CSF LFD firewall rules to Firewalld and Fail2ban? Thanks!
Yeah, it’s always been great!
You’d have to come up with something. Or, if I have spare time, I could play around with it. But I’d need an example of those CSF LFD firewall rules you’re referring to. I don’t think it would be too difficult to automate though.
Csf is not dead yet, we have max 30 days to wait to see if it is gpl’ed.
Thanks! I am going to wait until the end of August to make a decision.
I think, I am going to transfer de rules from Allow incoming, Allow outgoing from TCP and UDP in CSF to Firewalld. I was investigating, and it is not very difficult to do it.
I have never used Fail2ban so, at first, I will use the preconfigured rules of Fail2ban in Webmin.
Only one question: I have changed my SSH and Webmin ports from the default ones. Is it necessary to indicate this change in Fail2Ban? Thanks!