Block Ports in ConfigServer Security & Firewall (CSF)

There are many security practices for your private cloud hosting. VPS users looking for enhanced security can upgrade Advanced Policy Firewall (APF) to ConfigServer Security & Firewall (CSF). Below we cover how to block VPS ports using CSF.

Temporary Permanent

Note: You’ll need to log into WHM as root and select ConfigServer Security & Firewall. APF users can upgrade if desired.

Temporarily Block Access to a Port

  1. Under csf – ConfigServer Firewall, specify the IP address, port(s), and number of seconds, minutes, hours, or days.
    temporary allow/deny
  2. Press Temporary Allow/Deny.

Specify Open & Closed Ports

  1. Under csf – ConfigServer Firewall, select Firewall Configuration.
  2. Add or remove ports listed in the following sections:
    IPv4 Port Settings – TCP_IN, TCP_OUT, UDP_IN, UDP_OUT
    IPv6 Port Settings – TCP6_IN, TCP6_OUT, UDP_IN, UDP_OUT
  3. Press Change at the bottom, then Restart csf+lfd. Press Return at the bottom.

Further improve your VPS security by scheduling email blacklist reports and configuring cPHulk.

Leave a Reply