Control Web Panel

Security => CSF Firewall => Topic started by: internetuser on December 14, 2017, 11:54:01 AM

Title: ip deny /allow access
Post by: internetuser on December 14, 2017, 11:54:01 AM

hi,

how can i allow access only to specific countries and deny it to the rest of them !

thanks

Title: Re: ip deny /allow access
Post by: Jae on December 15, 2017, 04:37:06 AM

edit file /etc/csf/csf.conf

this example will only allow any ips from India and Indonesia, other blocked
CC_ALLOW = "IN,ID"

pls be aware, as most ips blocked, network perfomance will greatly affected.

Title: Re: ip deny /allow access
Post by: internetuser on February 02, 2018, 07:30:17 PM

Thanks Jae for your help, i will try this option to see if it helps secure the server a bit more, if i see any network issue i'll think of something different.

Title: Re: ip deny /allow access
Post by: zenben on November 22, 2018, 07:08:41 AM

Be careful!!!
I once blocked several countries in my /etc/csf/csf.conf.
CC_DENY = "CN,IN,RO,RU,BR,UA,NL,UK"

And then a few days later AutoSSL (renewal of SSL certificates) wasn't working anymore.
I WAS UNABLE to create new SSL certificates!

I've found out that blocking NL (Netherlands) was the root cause for it.
Let's Encrypt is located in NL and it needs to connect to generate SSL certificates!

Furthermore the support wrote me the following »
(https://cdn.pbrd.co/images/HOj2ims.png)

So keep that in mind  ;)