The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ConfigServer Security&Firewall

Discussion in 'Security' started by gulamchagani, Jan 21, 2014.

  1. gulamchagani

    gulamchagani Registered

    Joined:
    Jan 21, 2014
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hi,

    I have a customer who is not able to access his website that we host. I checked both the permanent and temp block in CSF, their IP is not listed here, however if I search their IP under iptable rules, I see it under Chain DENYIN.

    The only way to allow them access was to allow their IP, but I am not too comfortable with that. How do I solve this?

    Gulam
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,814
    Likes Received:
    672
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You could try searching for the iptables rule directly. EX:

    Code:
    iptables -L INPUT -n --line-numbers | grep 1.1.1.1
    Then, delete the line number associated with the block. EX:

    Code:
    iptables -D INPUT 2
    Please note that CSF is a third-party application that is not developed by cPanel. Questions pertaining specifiably to this software may get more responses from their own support forums.

    Thank you.
     
  3. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    there's a command for checking CSF blocks:

    Code:
    csf -g $IP
    This will check perm/temp bans and if i remember right, iptables rules too.

    You could consider a full disable/re-enable of CSF which should sync your iptables rules to the config files.

    Code:
    csf -x && iptables --flush && csf -e 
    NEVER FLUSH IPTABLES WHILE CSF IS ENABLED. You can seriously break things requiring physical access to the server to fix it. Running csf -x to disable CSF is mandatory before flushing iptables.
     
Loading...

Share This Page