ConfigServer Security&Firewall

gulamchagani

• January 21, 2014 01:24

Hi, I have a customer who is not able to access his website that we host. I checked both the permanent and temp block in CSF, their IP is not listed here, however if I search their IP under iptable rules, I see it under Chain DENYIN. The only way to allow them access was to allow their IP, but I am not too comfortable with that. How do I solve this? Gulam

• 

  cPanelMichael

  • January 21, 2014 14:33

  Hello :) You could try searching for the iptables rule directly. EX: iptables -L INPUT -n --line-numbers | grep 1.1.1.1
  Then, delete the line number associated with the block. EX: iptables -D INPUT 2
  Please note that CSF is a third-party application that is not developed by cPanel. Questions pertaining specifiably to this software may get more responses from their own support forums. Thank you.

  0
• 

  quizknows

  • January 22, 2014 20:27

  there's a command for checking CSF blocks: csf -g $IP
  This will check perm/temp bans and if i remember right, iptables rules too. You could consider a full disable/re-enable of CSF which should sync your iptables rules to the config files. csf -x && iptables --flush && csf -e
  NEVER FLUSH IPTABLES WHILE CSF IS ENABLED. You can seriously break things requiring physical access to the server to fix it. Running csf -x to disable CSF is mandatory before flushing iptables.

  0

Please sign in to leave a comment.