How to Allow Ports in APF on your Dedicated Server

By default APF (Advanced Policy Firewall) blocks most ports except those needed for web servers to operate, such as port 80, 443, etc. You may need to open ports for software other than normal web software. Since there is no default way to modify APF within WHM, you can only add IP addresses to the firewall’s whitelist with the following method.

NOTE: This guide requires root access. Root access is included (at no extra charge) with our Dedicated Server, VPS, and Reseller VPS Hosting plans.

Enable access to port number from all IPs

These steps will go over how to open up port 9091 on your Dedicated Server.

  1. Log into your Dedicated Server via SSH as the root user.
  2. Edit the following file with your favorite editor, we will be using vim for this demonstration.
    vim /etc/apf/conf.apf
  3. Search for the term ingress and you should find Common inbound TCP ports (should be around line 360).
    IG_TCP_CPORTS=”20,21,25,53,80,110,143,443,465,587,993,995,2079,
    2080,2082,2083,2086,2087,2095,2096,3306,30000_35000″
  4. Add the port you wish to open, in our case port number 9091 by adding it to the comma seperated list as shown.
    IG_TCP_CPORTS=”20,21,25,53,80,110,143,443,465,587,993,995,2079,
    2080,2082,2083,2086,2087,2095,2096,3306,9091,30000_35000″
  5. Save the file. For vim hit the escape button on your keyboard then type :wq and hit enter.
  6. Save the APF settings by running the following command.
    apf -r
  7. If you look through the output you should see the following line.
    apf(11760): {glob} opening inbound tcp port 9091 on 0/0

Congratulations, now you know how to Allow Ports in APF on your Dedicated Hosting Server from command line!

Leave a Reply