Wondering how to allow port for specific IP in CSF? We can help you.

As part of our Server Management Services, we assist our customers with several cPanel queries.

Today, let us see how our Support techs proceed to allow it.

How to allow port for specific IP in CSF?

Today, let us see the steps followed by our support Techs for providing access to a specific port for a particular IP address or a set of IP addresses in the server without opening the port publicly in the CSF conf.

1. Firstly, login to your server via SSH as root.

# ssh root@server_IP

2. Then, open the file /etc/csf/csf.allow with your favorite text editor.

# vi /etc/csf/csf.allow

3. Allowing IP addresses through specific ports follows the same idea, but you need a little more syntax.

You’ll use this syntax:

protocol:in:d=port:s=IP

Then, you need to replace “protocol” with the protocol, “tcp,” “udp,” or “icmp”, “port” with the port number, and “IP” with the IP address or range.

So if we want to allow IP address 192.0.2.0 to access MySQL on port 2222, add this to the csf.allow file.

tcp:in:d=222:s=192.0.2.0

4. At last, restart the service CSF using the following command in order to get reflected by the changes made

# csf -r

If you want to open the port to a set of IP addresses, add the same rule for each IP address in csf.allow file.

Make sure to remove the port from TCP_IN and TCP_OUT lines in csf.conf file

[Stuck in between? We’d be glad to assist you]

Conclusion

In short, today we saw steps followed by our Support Techs to allow port for specific IP.