How to Back up and Restore the CSF Firewall Configuration

Reading Time: 2 minutes

Prior to making direct edits to the firewall configuration file or changing advanced firewall settings in WHM, a backup of the current configuration should be taken so that the settings can quickly and easily be reverted if needed. Continue reading “How to Back up and Restore the CSF Firewall Configuration”

How to Block Traffic by Country in the CSF Firewall

Reading Time: 3 minutes

One of the most-requested features on cPanel servers is the ability to manage and filter traffic at a country level. With the ConfigServer Firewall (CSF) plugin in WebHost Manager, you can do exactly that.

Country-level filtering in CSF uses the Maxmind GeoLite Country database to obtain CIDR (Classless Inter-Domain Routing) ranges for specific countries. Each CIDR range covers all the IP addresses assigned to that country. Continue reading “How to Block Traffic by Country in the CSF Firewall”

How to Allow Traffic by Country in the CSF Firewall

Reading Time: 2 minutes

One of the most-requested features on cPanel servers is the ability to manage and filter traffic at a country level. With the ConfigServer Firewall (CSF) plugin in WebHost Manager, you can do exactly that. Continue reading “How to Allow Traffic by Country in the CSF Firewall”

How to Block Ports by Country in CSF

Reading Time: 4 minutes

In addition to being able to manage traffic from a specific country or a list of countries, CSF allows you to manage access by country to specific ports. This can be useful if you need to ensure that a particular service is available globally (such as your web server on port 80) but want to restrict international access to services such as WHM/cPanel, SSH, or FTP. Continue reading “How to Block Ports by Country in CSF”

Basic DoS/DDoS Mitigation with the CSF Firewall

Reading Time: 5 minutes

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are common threats that every publicly accessible web server faces. The purpose of such attacks, in simplest terms, is to flood a server with connections, overloading it and preventing from accepting legitimate traffic.

Attacks increasingly have become automated instead of directly targeted and botnets (networks of infected computers that can be remotely controlled) continue to grow at a rapid pace, making DoS and DDoS attacks much more common.

Fortunately, CSF can be used to help mitigate small attacks. Continue reading “Basic DoS/DDoS Mitigation with the CSF Firewall”