How to Check for a Firewall Block
Our cPanel servers come pre-installed with ConfigServer Security & Firewall or 'CSF', which is used for increased server security to block IPs based on suspicious behavior, like trying to login with a failing password too many times within a certain timeframe.
If you're not able to reach your server and think you may be blocked in the firewall, this article will provide the basic steps for checking for and removing that block. For more detailed information on the full features and settings of CSF, please see their documentation here.
First, you'll need to know the public IP address you're connecting from. You can find this by searching online for "what is my IPv4 address" or by checking at the following page on our site:
On the product details page under Control Panel, choose noVNC Console to bring up a command line interface with your server which you can access even if your IP address is blocked on the server itself. This window should show a black screen with white text (you may need to click on window and press a key on your keyboard to see anything show up) with a login prompt. You'll want to use the same credentials as the WHM 'root' user login, so the user is 'root' and the password is your server's root user password. Please keep in mind that the password field will not show any text when typing, not even asterisks (***); this is normal. You'll just need to be careful to type the password accurately.
Once you've logged in, you'll need to run a command to check for a block on your IP address:
csf -g [your IP address]
*do not include the brackets*
This should return some information on whether the IP is blocked or not. If you see a message which starts with "csf.deny: [your IP address]", that would indicate a block. This line should indicate the reason the IP was blocked and when. Please see the CSF documentation linked above for more detailed information on how to read the information returned from a lookup. You can remove a block on an IP with the following command:
csf -dr [your IP address]
*do not include the brackets*
Once that block is removed, you should be able to connect to your server again. If the block on your IP address is a temporary block, then you can flush the temporary blocks with the following command:
For some additional information on using command line, these cPanel articles are a good place to start:
Getting Started with Linux Commands | cPanel Knowledgebase
cPHulk Management on the Command Line | cPanel Knowledgebase
If your IP isn't blocked, but you need to check for an IP address block for another person's connection, you can find the firewall interface in WHM > ConfigServer Security & Firewall. If you start typing "firewall" into the search bar on the left side of WHM, it should narrow down the features enough to locate it easily. On that ConfigServer Security & Firewall page, you'll find a Search for IP option to check for blocks on an IP. The Quick Actions section has unblocking options.
Was this answer helpful?
***THESE STEPS WILL RE-IMAGE YOUR MACHINE AND YOU WILL LOSE PREVIOUSLY STORED DATA. PLEASE USE...
A forward-confirmed reverse DNS check...
1. First you will need to log in to your DotBlock client area,...
1. On the left hand navigation of WHM scroll down to Packages, and select Add Packages. Create a...
1. Log into your client area at http://cp.dotblock.com 2. Click “Manage Servers” at the...