This is commonly found in a WHM / cPanel VPS or dedicated server. Actually, CSF is effective and it is free. A lot of server admin will install them as soon as they have received it. But seriously speaking, how many users know how to tweak and optimise the performance. Honestly, very few and I always see people left them in auto-pilot mode and full stop. So what is CSF? Yes, it is a firewall and it is software-based. It is installed onto the server.
There is nothing wrong to install a piece of free and useful software. Wait for a second, did I just say it was useful? In a certain extent, it is a Yes. But I have seen many cases, CSF is added burden to the user.
I have seen many as I have said, they simply install and turned on the firewall. If you are doing this, you might accidentally block good users or in the worst situation, you are blocked. When such a thing has happened, may have treated the service is not available and it can be frustrating especially it has happened often. There is the case, like packet loss when you are pinging the server IP or domain name. This is because of CSF. Simply turn it off and everything is back to normal.
Don’t get me wrong, CSF is useful but you need to know how to use it. Without, it can be a hassle for you. So I never buy an idea like installing a software firewall on the server. Actually, if the attacks come, the firewall will eat up the resources on the server and eventually the server performance is affected. But a web firewall like Sucuri Firewall Pro does not install onto the server, it has offloaded the server and because of many distributed points, it helps to speed up a website if you are staying further from the source of the website.