Block Ports in ConfigServer Security & Firewall (CSF)

There are many security practices for your private cloud hosting. VPS users looking for enhanced security can upgrade Advanced Policy Firewall (APF) to ConfigServer Security & Firewall (CSF). Below we cover how to block VPS ports using CSF.

Temporary Permanent

Note: You’ll need to log into WHM as root and select ConfigServer Security & Firewall. APF users can upgrade if desired.

Temporarily Block Access to a Port

  1. Under csf – ConfigServer Firewall, specify the IP address, port(s), and number of seconds, minutes, hours, or days.
    temporary allow/deny
  2. Press Temporary Allow/Deny.

Specify Open & Closed Ports

  1. Under csf – ConfigServer Firewall, select Firewall Configuration.
  2. Add or remove ports listed in the following sections:
    IPv4 Port Settings – TCP_IN, TCP_OUT, UDP_IN, UDP_OUT
    IPv6 Port Settings – TCP6_IN, TCP6_OUT, UDP_IN, UDP_OUT
  3. Press Change at the bottom, then Restart csf+lfd. Press Return at the bottom.

Further improve your VPS security by scheduling email blacklist reports and configuring cPHulk.

After configuring your firewall, audit your open ports.

Was this article helpful? Let us know!