Hi CaioVictor,
CSF requires IPTables to work.
Also, Software Firewall can only protect you from DOS attacks; DDOS attacks will either consume all your RAM/CPU while your Software Firewall blocks it. And there's also your server port limitation; say if you have a 100mbit port, then a 10mbps flood would hit off your server (same with 1gbit with a 100mbps flood).
If you are serious about server hardening; you will need to make modifications on your sysctl.conf to harden your kernel for TCP-based attacks/floods. You are only able to do this if you have a KVM/XEN or a Dedicated Server; OpenVZ-based service should have been set up by your hosting provider.
The only legit way of protecting your server from DDOS is if you have a hardware filter; NOT hardware firewall, firewalls can block most UDP-based attacks but you will have trouble with TCP (SSYN, ESSYN, SYN, ACK, etc.)