As a server admin there is always a need to make some modification on the server CSF firewall (Config Server Firewall). By default there are several ports already open on server’s firewall but if you need to open additional ports on server then you have to make some changes on CSF. In this article we are going to explain that how to manually open ports on server firewall through WHM and SSH. There are two ways to configure CSF firewall through: 1) WHM 2) SSH. First we are going to explain how to open ports in WHM:
1. Open ports in firewall via WHM
If you are new with Linux and don’t have good knowledge of commands then you can easily change ports through WHM firewall. Here is the guide to open ports in WHM, you just need to follow below steps:
Now we are going to explain the steps to configure CSF firewall through SSH access:
1. Open ports in firewall via WHM
If you are new with Linux and don’t have good knowledge of commands then you can easily change ports through WHM firewall. Here is the guide to open ports in WHM, you just need to follow below steps:
- Login to WHM.
- Click on “Config Server security and firewall” under Plugins or enter Firewall in search bar.
- Here a new window will appear, click on “Firewall configuration” button to enter in Advanced settings.
- Now check for “Allow incoming TCP ports” and edit the particular field “TCP_IN” to allow incoming ports. By default ports like “20, 21, 25, 53, 110 and more” incoming ports are open.
- Just like TCP incoming ports you can also add TCP outgoing port according to your desire. Then click on “Change” button to save your changes.
- After all the above steps click on “Restart csf+lfd” button.
Now we are going to explain the steps to configure CSF firewall through SSH access:
- Login to SSH.
- Now open csf.conf file through below command:
Code:
/etc/csf/csf.conf
- In this file add the desired port which you want to open and restart the CSF firewall:
Code:
# Allow incoming TCP ports
TCP_IN = "20, 21,22,443,465,587, 143,995,993,25,53,80,110"
# Allow outgoing TCP ports
TCP_OUT = "20,21,443,587,22,25,80,110,43,53"
- Restart the firewall through this command :
Code:
csf -r