Unblock IP in CSF

Rachel B.
  • Updated
Follow

ConfigServer Security & Firewall (CSF) is an advanced firewall, login/intrusion detection and security application for Linux servers. One of its many benefits is the ability to easily manage allowed ("whitelisted") and denied ("blacklisted") IP addresses.

If you find that you suddenly cannot access anything on your server from a specific IP address, it is most commonly due to the IP address having been blocked in the server firewall.

Here we cover the steps to unblock an IP address when using the CSF firewall application on your VPS or dedicated Server, either in Root WHM or via command line.

Related Articles

Whitelist IP in Server Firewall
Install CSF
How to SSH into VPS or Dedicated Servers

Unblock IP in WHM

IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.
NOTE: These steps will need to be performed from an IP address that is not currently blocked on the server. Please contact our Support team if you do not have another means of accessing the server.
 

  1. Log into Root WHM
  2. Navigate to Plugins -> ConfigServer Security & Firewall
    WHMCSF.PNG
     
  3. Navigate to the csf tab
    CSFcsftab.PNG
  4. Enter the IP address in the Search iptables for IP address text field and click the Search for IP button
    CSFSearchforIP.PNG
  5. If the IP is found in your firewall configuration, the applicable Deny and/or Allow rules will be displayed
    CSFIPSearchResults.PNG
  6. If the IP is blocked, click the Remove <IP> block button to remove it
    CSFRemoveIPBlock.PNG

Unblock IP in CWP Admin

IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.
 

  1. Log into CWP Admin
  2. Navigate to CSF Firewall, located under Security
    CWPCSFMenu.png
  3. Enter the IP address in the ip box for Quick Unblock
    CSFQuickUnblock.png
     
  4. Click Quick Unblock to unblock the IP

Unblock IP via Command Line

IMPORTANT: This solution will require root access. If this needs to be obtained, follow the guide on requesting root access.
 

  1. Access the server via SSH as the root user or using the Terminal in Root WHM

  2. Run the following command to search the temporary block list

    csf -t | grep 12.34.56.78

    REPLACE: 12.34.56.78 with the IP address that is unable to access the server.

    1. Remove from the temporary block using the following command
      NOTE: This does not whitelist the IP.

      csf -tr 12.34.56.78

      REPLACE: 12.34.56.78 with the IP address that is unable to access the server.

  3. Run the following command to search iptables for the IP address

    csf -g 12.34.56.78

    REPLACE: 12.34.56.78 with the IP address that is unable to access the server.

  4. If this search returns deny rules for the IP, run the following to remove the block

    csf -dr 12.34.56.78

    REPLACE: 12.34.56.78 with the IP address that is unable to access the server.

  5. Check for the reason the IP was blocked with grep 12.34.56.78 /var/log/lfd.log
    REPLACE: 12.34.56.78 with the IP address that is unable to access the server.

  6. Run the following command to restart CSF

    csf -r

Related articles

Comments

0 comments

Article is closed for comments.