csf Ip adding question.

Luciel

Active Member
Oct 13, 2005
42
0
156
Hi,

Do i need to add my ip to csf in order to have access to whm?

If so, how can i if i have a dynamic ip address?
 

dafut

Well-Known Member
Dec 14, 2005
74
0
156
No. You do need to have the port(s) open for cpanel and whm; they should be included in the default build of CSF.

These are some of the cPanel/WHM default TCP In ports: 2082,2083,2086,2087,2095,2096. 2082 and 2083 are http and https access for cPanel; 2086 and 2087 are http and https access for WHM; the last two are for http and https access to webmail (respectively).

There should be a number of other ports open for inbound TCP access as well...don't limit yourself to just these.
 

Luciel

Active Member
Oct 13, 2005
42
0
156
so i could activate it using the defaults for high and still being able to acces whm/cpanel (and all sites being accesable) without adding any ip to allowed ips?
 

dafut

Well-Known Member
Dec 14, 2005
74
0
156
Unless you're the only person that has a need to access WHM or cPanel, you'll want those ports open to all users.

I do add my dynamic IP to the "Firewall Allow IPs" and "lfd Ignore IPs" sections so that I don't get emails every time I log in to my server via SSH. And every time my ISP decides to re-address my area--forcing me to reset my gateway--I have to go change both sections to match. Minor crisis...
 

Luciel

Active Member
Oct 13, 2005
42
0
156
ok so if i don't touch anything, activate the firewall to high and get testing off, the only thing that would happen is that i get an email everytime someone logs into whm/cpanel/ssh? you see my main worry is that i get locked out.
 

dafut

Well-Known Member
Dec 14, 2005
74
0
156
The purpose of the testing function is to put the firewall up for a short period of time, set in the configuration, for testing purposes. Set the firewall; break your connections, and test to the different ports. If you fail to connect, wait the time out and attempt to reconnect once that time has passed.

If you want to test the test, remove a port, such as 2082 for TCP In. Save; set the firewall. Attempt to connect on port 2082. Should fail. Wait out the testing period; attempt to connect again. Should be good.

Put 2082 back in place; save; test. Should connect.