Allowing Ports in APF

by InMotion Hosting Contributor

1 Minutes, 33 Seconds to Read

Allow Ports in APF Hero Image

One of the most important aspects of server security is the firewall server configuration. Generally speaking, firewalls function by preventing unauthorized traffic from accessing your server. By default, APF (Advanced Policy Firewall) blocks most ports except those needed for web servers to operate, such as port 80, 443, etc. Occasionally, you may need to open ports for specific software operations. Unfortunately, as there is no default way to modify APF within WHM, you can only add IP addresses to the firewall’s whitelist via the command-line interface. In this article, we will outline the process of allowing specific ports in APF.

Allow Access to a Specific Port from all IPs

  1. First, log into your Dedicated Server via SSH as the root user.
     
  2. Next, edit the following file with a text editor. In the below example, we will be using vim. 
    vim /etc/apf/conf.apf
  3. Once you are editing the file, search for the term ingress. Within the conf.apf file you should find common inbound TCP ports.
  4. Next, add the port you wish to open by adding it to the comma separated list as shown below:
    IG_TCP_CPORTS="20,21,25,53,80,110,143,443,465,587,993,995,2079,
    2080,2082,2083,2086,2087,2095,2096,3306,9091,30000_35000"
  5. Once done, save the file.
     
  6. Finally, save the new APF settings by running the following command. 
    apf -r
  7. If you look through the output you should see the following line:
    apf(11760): {glob} opening inbound tcp port 9091 on 0/0

Congratulations, now you know how to allow ports in APF via the command line! Using this process, you can open up specific ports to facilitate the usage of various applications that do not rely on the standard default ports. When modifying your firewall, it is important to ensure that you are only accepting legitimate traffic. By paying attention to the security requirements of the software you’re using you can ensure that your APF setup is configured correctly.

Need more help with APF? Familiarize yourself with some basic APF commands!

Share this Article
InMotion Hosting Contributor
InMotion Hosting Contributor Content Writer

InMotion Hosting contributors are highly knowledgeable individuals who create relevant content on new trends and troubleshooting techniques to help you achieve your online goals!

More Articles by InMotion Hosting
Related Articles
Content Security Policy (CSP) Headers – Complete Reference Guide
Why You Need To Keep Your Website’s PHP Version Up-to-Date
Learning About Mod_security and Disabling Mod_security
Close Open Ports for PCI Compliance
How to Pass PCI Compliance Scans
DDoS Protection Using Corero
How to Open a Port in Firewalld
Secure Your Debian Cloud Server With UFW (Uncomplicated Firewall)
How to Open a Port in UFW
WP Cerber Security Antispam and Bot Detection Settings

2 thoughts on “Allowing Ports in APF

    1. Sorry to hear that, Sabrina. Could you please provide more information on exactly what you’re trying to do and what error you are receiving so that we can suggest a fix?

Comments are closed.

Need More Help?

Current Customers

Chat: Chat with Sales
Call: 757-416-6575 x2
Ticket: Submit a Support Ticket

Get Reliable Web Hosting

Chat: Chat with Sales
Email: [email protected]
Call: 757-416-6575 x1

Get web hosting that grows with your business. Our all-in-one hosting platform gives you everything your website needs to scale - so you can focus on the next big thing for you and your business.