Unblocking an IP Address or Opening a Port in the Firewall

Should you discover (or suspect) that a client or customer’s IP address has been blocked by the firewall on your cPanel server, or should you just need to open or close a port, you may be able to quickly resolve the issue yourself with just a little help.

Regardless of the software firewall your cPanel server is running, we have detailed, step-by-step instructions for managing it in our Knowledge Base:

  • How To Unblock Your IP Address in Manage: If you have a Dedicated, Storm, or VPS server, and your server is running the CSF firewall, you can unblock the IP address from your Manage dashboard. Find out how at How To Unblock Your IP Address in Manage.
  • Managing the Firewall in WHM/cPanel: If you have access to WebHost Manager and your server is running the ConfigServer Firewall (CSF), you can use a graphical interface to manage the firewall. Find out how at Managing the CSF Firewall in WHM.
  • Managing IP Address Blocks in CSF: You can manage IP blocks in the CSF firewall from the command line over SSH as well. Find out how at How To Unblock an IP Address in CSF.
  • Managing IP Address Blocks in APF: If your server uses the Advanced Policy Firewall (APF), you can block or unblock IP addresses via SSH with our walkthrough at How To Unblock an IP Address in APF.
  • Managing Open Ports In Your Firewall: If you need to open or close a port on your server, or check whether a specific port is open, visit Opening Ports in Your Firewall for a walkthrough of the process using SSH, or How To Open a Port in CSF With WHM/cPanel to manage ports in WHM/cPanel.

 

How To Unblock an IP Address in APF

Advanced Policy Firewall, or APF, is a software firewall commonly installed on Liquid Web servers. It is an interface to iptables, which is standard software for managing network ports on Linux. Interacting with iptables can be complex, but APF greatly simplifies the process. APF is only accessible via ssh, and there is no way to make changes in APF through WHM or cPanel.

Pre-Flight Check
  • These instructions are intended specifically for unblocking an IP Address in APF.
  • I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.
  • For further details, see our in-depth look at the APF firewall.
Check APF for Your IP Address

Let’s say that you want to check whether or not a specific IP address, maybe 8.8.8.8 , is blocked by APF. That’s easy!

grep 8.8.8.8 /etc/apf/*

You may receive a result similar to:

/etc/apf/deny_hosts.rules:# added 8.8.8.8 on 04/25/14 13:42:01 with comment: {bfd.courier}
/etc/apf/deny_hosts.rules:8.8.8.8

The above means that BFD detected a brute force attack from the IP 8.8.8.8 on port 25, and automatically added a rule to APF to prevent future connections specifically from that IP address.

Continue reading “How To Unblock an IP Address in APF”

APF Firewall

Advanced Policy Firewall, or APF, is a firewall sometimes seen on Liquid Web’s servers. It is basically an interface to iptables, which is the standard interface to managing network ports on Linux machines. Interacting with iptables can be complex and error-prone, and APF greatly simplifies working with it. However, APF is still only accessible by ssh. There is no way to make changes in APF through WHM or cPanel.

Continue reading “APF Firewall”