ConfigServer Security&Firewall

gulamchagani

Registered
Jan 21, 2014
1
0
1
cPanel Access Level
Root Administrator
Hi,

I have a customer who is not able to access his website that we host. I checked both the permanent and temp block in CSF, their IP is not listed here, however if I search their IP under iptable rules, I see it under Chain DENYIN.

The only way to allow them access was to allow their IP, but I am not too comfortable with that. How do I solve this?

Gulam
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,880
2,268
463
Hello :)

You could try searching for the iptables rule directly. EX:

Code:
iptables -L INPUT -n --line-numbers | grep 1.1.1.1
Then, delete the line number associated with the block. EX:

Code:
iptables -D INPUT 2
Please note that CSF is a third-party application that is not developed by cPanel. Questions pertaining specifiably to this software may get more responses from their own support forums.

Thank you.
 

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
there's a command for checking CSF blocks:

Code:
csf -g $IP
This will check perm/temp bans and if i remember right, iptables rules too.

You could consider a full disable/re-enable of CSF which should sync your iptables rules to the config files.

Code:
csf -x && iptables --flush && csf -e
NEVER FLUSH IPTABLES WHILE CSF IS ENABLED. You can seriously break things requiring physical access to the server to fix it. Running csf -x to disable CSF is mandatory before flushing iptables.