CSF or ConfigServer security and firewall inside WHM allows you to whitelist or blacklist IP addresses and ports to your Linux servers. Here, we have mentioned how you can perform an IP address whitelist and blacklist using CSF CLI and GUI.
How to blacklist an IP address using the GUI in CSF?
1.Log in to your WHM panel using the root user.
2. Inside the plugin, click on the configserver security and firewall.
3. Click on the Firewall Deny IPs button and enter the IP address that you want to blacklist.
4. After adding the IP address, click on the change button.
5. Finally, restart the firewall using the Restart csf+lfd button.
How to whitelist an IP address using the GUI in CSF?
1. Log in to your WHM panel using the root user.
2. Inside the plugin, click on the configserver security and firewall.
3. Click the Firewall Allow IPs button and enter the IP address you want to blacklist.
4. After adding the IP address, click on the change button.
5. Finally, restart the firewall using the Restart csf+lfd button.
How to blacklist IP address using CLI in CSF?
1. Log in to your Linux server using root or sudo user.
2. Go to the path /etc/csf/.
3. Inside the CSF directory, edit the file called csf.deny. You can use your favourite editor to edit the file.
4. Add the IP address to the list you want to blacklist. Save the file.
5. Restart the firewall after adding the IP address. Run the below command to restart the firewall.
csf-r
How to Whitelist an IP Address Using the CLI in CSF?
1. Log in to your Linux server using root or sudo user.
2. Go to the path using the below command:
> cd /etc/csf/
3. Inside the CSF directory, edit the file called csf.allow.
4. Add the IP address that you want to whitelist. Save the file.
5. Restart the firewall after adding the IP address. Run the below command to restart the firewall.
> csf-r
Conclusion:
CSF (ConfigServer Security & Firewall) provides a simple and effective way to manage IP access on your server using both the WHM graphical interface and the command line. The GUI method is ideal for quick changes, while the CLI approach offers more control and is useful for automation or bulk updates. Always remember to restart the CSF firewall after making any changes so they take effect immediately. Proper use of IP whitelisting and blacklisting helps improve server security and ensures uninterrupted access for trusted sources.
