Control Web Panel

Security => CSF Firewall => Topic started by: vradova on May 21, 2023, 08:19:27 PM

Title: CSF would not block custom port for SSH
Post by: vradova on May 21, 2023, 08:19:27 PM

Hello!

When I create a new server I changed my SSH port from 22 to another one. I have added that port to the list -> Allow incoming TCP ports and that worked OK.

Later today, I try to configure CSF to get access to this port for only two countries and make the change in CSF. When I try to test, that does not work. Then I decided to check and remove my custom SSH port from the list -> Allow incoming TCP ports. I did that, restart CSF, firewall... But that custom port was and is opened even though it was not on the list in ->  Allow incoming TCP ports.

What could be the problem?

I have 3 more servers with CWP Pro and all of them have the same problem...

If someone has the same issue please advice.

Thanks, Vlade.!

Title: Re: CSF would not block custom port for SSH
Post by: Emilius on June 25, 2025, 08:26:13 PM

I can not believe nobody responded on your post. If you still have that problem try this. I had same issue and this fixed for me

In /etc/csf/csf.conf do serch for "RESTRICT_SYSLOG ="

# 0 = Allow those options listed above to be used and configured
# 1 = Disable all the options listed above and prevent them from being used
# 2 = Disable only alerts about this feature and do nothing else
# 3 = Restrict syslog/rsyslog to system logs

RESTRICT_SYSLOG = "3"

If you are only one admin then 0 will be okay otherwise put on 3. Restart firewll, csf -r

Title: Re: CSF would not block custom port for SSH
Post by: Starburst on June 25, 2025, 09:11:07 PM

Make sure you updated your TCP_IN in csf.conf to remove 22, and add the custom port you are using.