The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

CSF Firewall Config

Discussion in 'Security' started by Rob Bathgate, Sep 23, 2015.

  1. Rob Bathgate

    Rob Bathgate Registered

    Joined:
    Sep 23, 2015
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    New Zealand
    cPanel Access Level:
    Root Administrator
    Hi,

    Apologies if this is the wrong place to post this; I know there's a forum over at CSF website for it, but I'm really stuck and was hoping someone here could help.

    I'm having trouble getting CSF firewall to work...

    My understanding is that the default behaviour is block/deny all. However this doesn't seem to be happening.

    In csf.allow I have:

    my.ip.address.here

    And then I want to "Block all other access to port 22 / ssh"

    I would have expected this to work by default if the default is deny all but nope.

    I added the following to csf.deny:
    tcp|in|d=22|s=0.0.0.0

    And still I can SSH in from another IP

    And if I add:
    0.0.0.0/22

    Again I can still SSH from another IP

    I can only block IPs by using:
    0.0.0.0/0

    However this blocks ALL ports, so the end user cannot even see port 80/website.

    Ultimately I want to:

    Allow anyone to see port 80 and 433
    Block everyone apart from my IPs on port 22 and 21

    Any advice, most appreciated.

    Many thanks
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,708
    Likes Received:
    658
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  3. Rob Bathgate

    Rob Bathgate Registered

    Joined:
    Sep 23, 2015
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    New Zealand
    cPanel Access Level:
    Root Administrator
    Hi

    I did not know that was built in - feel stupid now.

    That's much better, thank you!
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,708
    Likes Received:
    658
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page