---
title: "Block Ports in ConfigServer Security &#038; Firewall (CSF)"
description: "There are many security practices for your private cloud hosting. VPS users looking for enhanced security can upgrade Advanced Policy Firewall (APF) to ConfigServer Security &amp; Firewall (CSF)...."
url: https://www.inmotionhosting.com/support/security/server-security-block-ports-csf/
date: 2019-05-29
modified: 2021-11-19
author: "InMotion Hosting Contributor"
categories: ["Security"]
type: post
lang: en
---

# Block Ports in ConfigServer Security &#038; Firewall (CSF)

There are many [security practices](/support/security/server-security-best-practices/) for your private cloud hosting. VPS users looking for enhanced security can [upgrade Advanced Policy Firewall (APF) to ConfigServer Security & Firewall (CSF)](/support/security/install-csf/). Below we cover how to **block VPS ports using CSF**.

[Temporary](#temporary)
[Permanent](#permanent)

**Note:** You’ll need to [log into WHM as root](/support/edu/whm/log-into-whm/#whm-root-access) and select **ConfigServer Security & Firewall**. APF users can [upgrade if desired](/support/security/install-csf/).

## Temporarily Block Access to a Port

1. Under *csf – ConfigServer Firewall*, specify the **IP address**, **port(s)**, and **number** of seconds, minutes, hours, or days. [![temporary allow/deny](https://www.inmotionhosting.com/support/images/stories/whm/csf/csf-temp-allow-deny.png)](https://www.inmotionhosting.com/support/images/stories/whm/csf/csf-temp-allow-deny.png)
2. Press **Temporary Allow/Deny**.

## Specify Open & Closed Ports

1. Under *csf – ConfigServer Firewall*, select **Firewall Configuration**.
2. Add or remove ports listed in the following sections: IPv4 Port Settings – TCP_IN, TCP_OUT, UDP_IN, UDP_OUT IPv6 Port Settings – TCP6_IN, TCP6_OUT, UDP_IN, UDP_OUT
3. Press **Change** at the bottom, then **Restart csf+lfd**. Press **Return** at the bottom.

Further improve your VPS security by [scheduling email blacklist reports](/support/email/schedule-blacklist-email-reports-csf/) and configuring [cPHulk](/support/product-guides/dedicated-hosting/cphulk).

After configuring your firewall, audit your [open ports](https://www.inmotionhosting.com/support/security/how-to-view-listening-ports-with-configserver-security-firewall-csf/).
