Coming soon Turbo Ecommerce Cloud for WordPress

Contact Info

8 The Green Ste R, Dover, DE 19901

(+1) 470 - 809-9620

[email protected]

Get Started
ConfigServer Firewall

A Step-by-Step Guide on how to Unblock IP Addresses in the ConfigServer Firewall via Command Line Interface (CLI)

Introduction:
In today’s digital landscape, security is paramount for any online entity. Firewalls play a crucial role in safeguarding servers from unauthorized access and malicious activities. The ConfigServer Firewall (CSF) is a popular firewall solution for Linux servers, known for its robust security features. Occasionally, you might need to unblock certain IP addresses to ensure legitimate access to your server. In this guide, we’ll walk you through the process of unblocking IP addresses in the ConfigServer Firewall using the command-line interface (CLI).

Step 1: Access Your Server via SSH
The first step is to establish a secure shell (SSH) connection to your server. You can use terminal or SSH client software like PuTTY to connect to your server remotely. Make sure you have administrative privileges to perform the necessary actions.

Step 2: Navigate to CSF Configuration Directory
Once logged in to your server via SSH, navigate to the directory where the CSF configuration files are located. Typically, the CSF configuration directory is located at /etc/csf/.

cd /etc/csf/

Step 3: Open the CSF Deny File
Next, you’ll need to open the CSF deny file, which contains a list of blocked IP addresses. You can use a text editor like vi or nano to edit the file.

sudo vi csf.deny

Step 4: Remove Blocked IP Addresses
Within the CSF deny file, you’ll find a list of blocked IP addresses. Each IP address is listed on a separate line. Use the text editor to remove the lines containing the IP addresses you wish to unblock. Once you’ve removed the entries, save the changes and exit the editor.

Step 5: Restart CSF Firewall
After removing the blocked IP addresses from the CSF deny file, you’ll need to restart the CSF firewall to apply the changes. You can do this using the following command:

sudo csf -r

This command reloads the CSF firewall with the updated configuration, and the IP addresses you’ve unblocked will now have access to your server.

Conclusion:
Unblocking IP addresses in the ConfigServer Firewall using the command-line interface is a straightforward process that can help ensure legitimate access to your server while maintaining robust security measures. By following the steps outlined in this guide, you can effectively manage your server’s firewall rules and maintain a secure online environment.

Most used CSF commands

#CommandDescription
1csf -eEnable CSF – (if it was disabled)
2csf -xDisable CSF
3csf -sStart the firewall rules
4csf -fFlush/Stop firewall rules (lfd may restart csf)
5csf -rRestart the firewall rules
6csf -a [XXX.XXX.XXX.XX] [Optional comment]Allow an IP and add to /etc/csf/csf.allow
7csf -td [XXX.XXX.XXX.XX] [Optional comment]Temporary block and IP in /var/lib/csf/csf.tempban
8csf -tr [XXX.XXX.XXX.XX]Remove an IP from the temp IP ban or allow list
9csf -tfFlush all IPs from the temporary IP entries
10csf -d [XXX.XXX.XXX.XX] [Optional comment]Deny an IP and add to /etc/csf/csf.deny
11csf -dr [XXX.XXX.XXX.XX]Unblock an IP and remove from /etc/csf/csf.deny
12csf -dfRemove and unblock all entries in /etc/csf/csf.deny
13csf -g [XXX.XXX.XXX.XX]Search the iptables and ip6tables rules for a match
14csf -tDisplays the current list of temporary allow and deny IP entries with their TTL and comments

At GOZEN Host, security is paramount. We prioritize safeguarding our clients and their websites. Config Server Firewall (CSF) stands as a testament to our commitment. It’s one of the top-notch FREE tools empowering System Administrators in combatting a rising tide of attacks. Its seamless performance on cPanel Servers, DirectAdmin, and across various Shared, VPS, and Dedicated platforms underscores its effectiveness in bolstering security measures.

Share this Post