Allow specific ports for IP addresses in CSF
ConfigServer Security & Firewall (CSF) is one of the most popular free firewalls for Linux servers. Additionally, it integrates with nearly all hosting control panels and allows easy management of IPtables.
This is how to grant access to a specific port to a specific IP address.
1. First, log in to your server via SSH as the root user.
2. Next, open the
/etc/csf/csf.allow file with your favourite text editor.
3. You’ll need to use this syntax to define the allowed port and allowed IP;
Replace “protocol” with the protocol “tcp”, “udp”, “icmp”.
Replace “port” with the port number.
Replace “IP” with the IP address or range that is trying to access this port.
You can add the same rule line by line for each additional IP address you wish to allow access.
As an example, if we want to allow IP address 10.0.0.7 access to MySQL on port 3306 we would add:
4. Finally, restart the CSF to load the new changes:
IP 10.0.0.7 should now have access to port 3306 on this server running CSF.