View all posts

Allow specific ports for IP addresses in CSF

ConfigServer Security & Firewall (CSF) is one of the most popular free firewalls for Linux servers. Additionally, it integrates with nearly all hosting control panels and allows easy management of IPtables.

This is how to grant access to a specific port to a specific IP address.

1. First, log in to your server via SSH as the root user.

ssh root@server-ip

2. Next, open the /etc/csf/csf.allow file with your favourite text editor.

vim /etc/csf/csf.allow

3. You’ll need to use this syntax to define the allowed port and allowed IP;

protocol:in:d=port:s=ip

Replace “protocol” with the protocol “tcp”, “udp”, “icmp”.
Replace “port” with the port number.
Replace “IP” with the IP address or range that is trying to access this port.

You can add the same rule line by line for each additional IP address you wish to allow access.

As an example, if we want to allow IP address 10.0.0.7 access to MySQL on port 3306 we would add:

tcp:in:d=3306:s=10.0.0.7

4. Finally, restart the CSF to load the new changes:

csf -r

That’s it!

IP 10.0.0.7 should now have access to port 3306 on this server running CSF.

Related Articles...

How to sync server time

How to sync server time in CentOS & AlmaLinux

The NTP protocol synchronises the clocks of computers over a network. In this article, we will show you how to quickly sync the server time. Many systems-related tasks and processes require the correct timezone. For example, the cron daemon uses... Read more

This website uses cookies

We use cookies for the analysis of our visitor data, to improve our website, and to give you a great website experience. For more information about the cookies we use, please see our cookie policy.