Search our site for answers
Help Docs Control Panel Guides The Ultimate Guide to the WHM Control Panel (2025) Security in WHM Blocking IP Addresses in WHM

Blocking IP Addresses in WHM

Need to block an IP? This guide shows how to use ConfigServer Security & Firewall in WHM to permanently or temporarily deny any IP address.
Control Panel WHM
3 min read

At times, an IP address will need to be blocked directly to keep a malicious IP address from trying to gain access to your server. Most often, our Support team catches the issue, blocks the IP address and investigates the issue before it is even cause for concern to you or your users.

However, in certain instances, you may need to block an IP address yourself. This tutorial will take you through the steps to block an IP address using the ConfigServer Security & Firewall (CSF) plugin in WHM. CSF is automatically installed on your Cloud VPS and blocking an IP address takes just a few simple steps in WHM.

Here you will see how to:

Permanently Block an IP Address

  1. Log into WHM.
  2. ConfigServer Security & Firewall is found under Plugins. Scroll to the bottom of the page and click the Plugin link on the home screen.
    plugin link highlighted
  3. From the Plugin page, click on ConfigServer Security & Firewall to open the plugin controls.
    plugin home showing configserver security highlighted
  4. Once CSF opens, navigate to Quick Deny.
    quick deny section highlighted
  5. Type in the IP address you want to block and click Quick Deny. You can also add comments for the block if you are blocking multiple IP addresses and need to keep track of the reasoning for the block.
  6. A page will open confirming that the IP address has been blocked.
    quick deny confirm

Temporarily Block IP Address

You can temporarily block an IP address for testing and development purposes. With this function, you can choose the IP address, port to block it from and the length of time to block the IP for.

  1. Scroll down to Temporary Allow/Deny in the CSF plugin.
    temp allow/block highlighted
  2. Enter the IP address, port, if needed, and the length of time you want the IP address to be denied for. To block the IP from all ports leave the asterisk (*) in the port section. Choose seconds, minutes, hours, and days for the amount of time the IP address will be blocked for.
    ip and time to block entered
  3. Click on Temporary Allow/Deny and a confirmation of the IP address, port and time will show on the page.
    temporary block confirm

View Blocked IP Addresses

  1. To view all blocked IP addresses, navigate to the Firewall Deny IPs section of CSF, and click on the button and you will be directed to the csf.deny file.
    firewall deny ips section
  2. This file can be edited by clicking Toggle Editor/Text area. When you click the link, the text color will change, you can then scroll down to the bottom and enter the IP address you wish to block.

    Note:

    Edits in the csf.deny file will not affect temporary IP address blocks and will require a restart of the firewall to take effect.

    file editor home

  3. Click Change to save your changes.
    change button highlighted
  4. CSF will confirm that your changes were made and request that you restart CSF. Click the Restart csf+lfd button to start the process.
    restart csf and lfd button highlighted
  5. Once the restart process is complete, click Return to go back to the main CSF control page.
Was this article helpful?