How To Unblock Your IP Address in Manage

Liquid Web has introduced a new feature designed to simplify the removal of errant IP address blocks in the firewall, and allow customers to quickly remove their own address from within their Manage dashboard. In this manner, customers can remove blocks on their IP addresses even when they are unable to access WebHost Manager itself due to the block.

Pre-Flight Check

  • The cPanel Quick IP Address Unblock feature is designed for servers using the ConfigServer Firewall (CSF).
  • The feature does not apply to any server utilizing a different firewall.
  • You must have access to your Manage dashboard to use the IP delist feature.
    Note: Customers with Dedicated, Storm, or VPS servers which are not currently using the CSF firewall can request an upgrade from support to take advantage of this Manage feature. There is no charge, it typically takes only a few minutes and the only service that needs to be restarted as a result is the firewall itself. Our support technicians also can port your existing APF rules to CSF. If requesting an upgrade, please be sure to indicate whether your server uses the Guardian backup service so that its rules also can be configured.

Step #1: Log into Your Manage Interface

  1. In Manage, click on the [+] next to your server’s hostname to expand its details.
  2. Now click on the Dashboard button to open the Server Dashboard.

    Dashboard

Step #2: Unblock the IP Address

  1. Click on the Network tab to bring up the Networking pane.
  2. You will see your current IP address, as reported by your web browser, pre-populated in the cPanel Quick IP Address Unblock field. If you wish to unblock a different IP address, simply replace the address shown in the field with the IP address you wish to unblock.
    If you’re attempting to unblock the IP address of a client, developer, or other party who does not know their public IPV4 address, you can direct them to http://ip.liquidweb.com to obtain their address for you.
  3. Click the Unblock IP button to attempt to automatically remove the IP address in the CSF firewall.

    Unblock

  4. The Unblock IP button will change to Working… while it attempts to delist the IP address. Once the process completes, you should see a banner indicating whether the delisting was successful.

    Success

Step #3: I Got Blocked Again. Why?

There are many reasons why an IP address can be blocked in the firewall, but the two most common are:

  • The use of an incorrect username or password combination when connecting to the server or a service such as email, ftp, ssh, or cPanel/WHM
  • A mod_security rule violation

If you are unable to determine the cause for the block, feel free to contact Heroic Support®. You also may wish to consult the following Knowledge Base articles: Unblocking an IP Address or Opening a Port in the Firewall and How to Manage the CSF Firewall in WHM/cPanel.
 
 

Basic DoS/DDoS Mitigation with the CSF Firewall

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are common threats that every publicly accessible web server faces. The purpose of such attacks, in simplest terms, is to flood a server with connections, overloading it and preventing from accepting legitimate traffic.

Attacks increasingly have become automated instead of directly targeted and botnets (networks of infected computers that can be remotely controlled) continue to grow at a rapid pace, making DoS and DDoS attacks much more common.

Fortunately, CSF can be used to help mitigate small attacks. Continue reading “Basic DoS/DDoS Mitigation with the CSF Firewall”

How to Block or Allow Specific Ports by Country in the CSF Firewall

In addition to being able to manage traffic from a specific country or a list of countries, CSF allows you to manage access by country to specific ports. This can be useful if you need to ensure that a particular service is available globally (such as your web server on port 80) but want to restrict international access to services such as WHM/cPanel, SSH, or FTP. Continue reading “How to Block or Allow Specific Ports by Country in the CSF Firewall”

How to Block Traffic by Country in the CSF Firewall

One of the most-requested features on cPanel servers is the ability to manage and filter traffic at a country level. With the ConfigServer Firewall (CSF) plugin in WebHost Manager, you can do exactly that.

Country-level filtering in CSF uses the Maxmind GeoLite Country database to obtain CIDR (Classless Inter-Domain Routing) ranges for specific countries. Each CIDR range covers all the IP addresses assigned to that country. Continue reading “How to Block Traffic by Country in the CSF Firewall”

Unblocking an IP Address or Opening a Port in the Firewall

Should you discover (or suspect) that a client or customer’s IP address has been blocked by the firewall on your cPanel server, or should you just need to open or close a port, you may be able to quickly resolve the issue yourself with just a little help. Continue reading “Unblocking an IP Address or Opening a Port in the Firewall”

How To Unblock an IP Address in APF

Advanced Policy Firewall, or APF, is a software firewall commonly installed on Liquid Web servers. It is an interface to iptables, which is standard software for managing network ports on Linux. Interacting with iptables can be complex, but APF greatly simplifies the process. APF is only accessible via ssh, and there is no way to make changes in APF through WHM or cPanel.

Pre-Flight Check
  • These instructions are intended specifically for unblocking an IP Address in APF.
  • I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.
  • For further details, see our in-depth look at the APF firewall.
Check APF for Your IP Address

Let’s say that you want to check whether or not a specific IP address, maybe 8.8.8.8 , is blocked by APF. That’s easy!

grep 8.8.8.8 /etc/apf/*

You may receive a result similar to:

/etc/apf/deny_hosts.rules:# added 8.8.8.8 on 04/25/14 13:42:01 with comment: {bfd.courier}
/etc/apf/deny_hosts.rules:8.8.8.8

The above means that BFD detected a brute force attack from the IP 8.8.8.8 on port 25, and automatically added a rule to APF to prevent future connections specifically from that IP address.

Continue reading “How To Unblock an IP Address in APF”

How To Unblock an IP Address in CSF

CSF is generally considered an advanced firewall given it has many more configuration options than most other software firewalls (such as APF). It’s also still simple enough to install and configure, even for novice system administrators. For a simple overview on how to install and configure CSF and its security plugin LFD (Login Failure Daemon), visit our tutorial.

Check CSF for Your IP Address

Let’s say that you want to check whether or not a specific IP address, maybe 8.8.8.8 , is blocked by CSF. That’s easy!

csf -g 8.8.8.8

Continue reading “How To Unblock an IP Address in CSF”