How To Unblock an IP Address in APF

Advanced Policy Firewall, or APF, is a software firewall commonly installed on Liquid Web servers. It is an interface to iptables, which is standard software for managing network ports on Linux. Interacting with iptables can be complex, but APF greatly simplifies the process. APF is only accessible via ssh, and there is no way to make changes in APF through WHM or cPanel.

Pre-Flight Check
  • These instructions are intended specifically for unblocking an IP Address in APF.
  • I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.
  • For further details, see our in-depth look at the APF firewall.
Check APF for Your IP Address

Let’s say that you want to check whether or not a specific IP address, maybe 8.8.8.8 , is blocked by APF. That’s easy!

grep 8.8.8.8 /etc/apf/*

You may receive a result similar to:

/etc/apf/deny_hosts.rules:# added 8.8.8.8 on 04/25/14 13:42:01 with comment: {bfd.courier}
/etc/apf/deny_hosts.rules:8.8.8.8

The above means that BFD detected a brute force attack from the IP 8.8.8.8 on port 25, and automatically added a rule to APF to prevent future connections specifically from that IP address.

Continue reading “How To Unblock an IP Address in APF”