Welcome to our Support Center
How to manage CSF firewall through WHM UI
How to manage CSF firewall through WHM
The ConfigServer Security and Firewall (CSF) within WebHost Manager (WHM) offers several different ways to block and whitelist IP addresses.
- Whitelisting IP addresses.
- Blocking and unblocking IP addresses.
Whether you need to unblock a client’s IP address after it has been blocked or close a port to prevent malicious activity, the CSF is a powerful tool for helping secure your site.
Unblocking an IP Address in CSF.
To determine whether an IP address has been blocked, follow these steps to unblock and find the reason for the IP block:
- Login to WHM
- Search for Firewall and Select ConfigServer Security & Firewall.
- Under csf – ConfigServer Firewall, in the Search iptables for IP address text box, type the IP address to search for and then click Search for IP.
- If the IP address is blocked, it appears in the search results, along with the reason. To unblock the IP address, click the padlock icon to the right of the IP address.
Allowing (Whitelisting) an IP Address
To whitelist an IP address in the firewall (csf.allow), you can follow the steps:
- Login to WHM
- Search for Firewall and Select ConfigServer Security & Firewall.
- Under csf – Quick Actions, locate the Quick Allow section.
- You can enter the IP address into the Quick Allow section, along with an optional comment for the allow (such as “Home Network”), and click the Quick Allow button.
- It is recommended to whitelist IPs only as necessary and, for a long-term solution, focus on resolving the issue which led to the block (such as incorrect login credentials)
Adding an IP Address to Deny List (Block)
To add an IP address to the blocklist in the firewall (csf.deny), you can follow the steps:
- Login to WHM
- Search for Firewall and Select ConfigServer Security & Firewall.
- Under csf – Quick Actions, locate the Quick Deny section.
- You can enter the IP address into the Quick Deny section, along with an optional comment for the allow (such as “Malicious IP”), and click the Quick Allow button.