cPanel CSF Firewall Whitelist an IP Address
ConfigServer Firewall (CSF) is a powerful software firewall. It provides a graphical user interface for cPanel that can be installed using a plugin. All managed servers at Greens247 have cPanel and CSF preinstalled. Sometimes CSF can interfere with your server operations because of its default strict policies. You may need to whitelist an IP that you trust to avoid it from getting blocked. This article will explain how to whitelist an IP address using the CSF cpanel plugin graphical interface. If you are an advanced user looking for a way to whitelist an IP address in terminal using CLI, this is not the right article for you.
Whitelisting an IP address in CSF firewall will prevent the cPanel server from blocking the IP addresses that you trust. Please use this with caution. If a ddos or a bruteforce attack was launched on your server from a whitelisted IP, the server will ignore the attack and will not report it to you.
Prerequisite:
In order to perform this task, you need to have access to WHM and have root access on the server.
Procedures:
- Login to WHM
- On the left menu, search type "ConfigServer Security & Firewall" and then click it.
- Once your on the firewall page, click the "csf" tab.
- Use the green text box labeled "Allow IP address" and type in the IP you want to allow.
- Click quick allow, this adds your IP to the "csf.allow" file which contains a list of all white listed IPs.
- To ensure that your IP has been whitelisted go to the "csf - ConfigServer Firewall" section.
- Click "Firewall Allow IPs" button, you should find your IP address there.
- If your IP address was previously blocked permanently it should be in "csf.deny", so make sure you remove it in order to avoid conflict.
- Click "Firewall Deny IPs" button. If you find your IP there you need to remove the entire line and click the change button.