Steps to check whether the IP address is blacklisted or not in CSF

Steps to check whether the IP address is blacklisted or not in CSF

Server may face some problems due to external IP. CSF will block external IP in order to protect server from few problems like,
  • Multiple login failure
  • Hacking
After the immediate installation of WHM onto server, download and configure CSF firewall. The best way to overcome this problem is Synchronizing IP address whitelists and blacklists. This may still has some issues. It might be easier for user to lock them out of cPanel or WHM installation. The chances are using wrong user name and wrong password. Anyways, this way will be the best to unblock an IP address within WHM using CSF. Know the IP address and log in.

Get IP Address and Logging In:

Initially find out whether the IP address is blocked. There are two alternative ways to find this. If you are behind router, your internal IP address will be locally invisible to the public internet. Open Google and type as “What is IP Address”. If you have got this information, log in into WHM using other address. You may also try to log in into VPN. Obtaining IP address may be tough, if you don’t have internet connection. In this situation, one should try out logging in from Virtual Private Network. If the VPN services are more familiar, its IP addresses may be blocked.

Firewall Configuration:

There will be an option called Firewall Deny IP. If you click on this option, the file opens up in the next page. Use the browser search functionality to find the IP address to un-block. After finishing this step, restart CSF. This option will be visible in the next screen. Click that button to restart CSF and lfd. If it is done, IP address will be unblocked.

Anyone can hack each and every detail about the IP block from “Ifd” log. Follow the reasons explained below in order to resolve IP block.

CSF Log File Details:

Records regarding CSF and LFD will be usually given in a file under “/var/log”. The log file for CSF and LFD is,

“/var/log/lfd.log”

How Will You Find Out Whether The IP Address Is Blacklisted in CSF or Not?

It is important to find out whether the IP address is blacklisted in CSF or not. There are three ways to find out if the detail of IP address is blacklisted in CSF.

Method1:

WHM:

Through WHM, it is very easy to find out whether the IP address is blacklisted in CSF. It is necessary to follow certain steps in order to find through WHM.

Steps:
  • Log in into WHM control panel
  • Search “Config Server Security and Firewall” from the search tool bar.
firewall.png

  • This option will usually occur in the left side of the WHM menu. Use Search Option from IP tool to get the details of IP block on the server.
firewall2.png

Method 2:

Command Line Options:

Use switch ‘g’ with CSF command.

Steps:

Install SSH to server and mention it as root user and run the command.

Code:
# csf –g IP-Address
Method 3:

Grep IP Address

Grep the IP address details from the log file “/var/log/lfd.log”.

Follow this command,

Code:
# grep ‘IP-Address’ /var/log/lfd.log
If you have doubt on whether the IP address is black listed in CSF or not, use the above mentioned methods. With these methods, it is very easy to find out whether the CSF has the IP Address or not.
Author
bhawanisingh
Views
6,471
First release
Last update
Rating
0.00 star(s) 0 ratings
Top