CLI CSF Firewall Whitelist an IP Address Print

  • csf, firewall, whitelist
  • 68

ConfigServer Firewall (CSF) is a powerful software firewall. All managed servers at Greens247 have cPanel and CSF preinstalled. Sometimes CSF can interfere with your server operations because of its default strict policies. You may need to whitelist an IP that you trust to avoid it from getting blocked. This article will explain how to whitelist an IP address using CLI in terminal. If you are for looking to whitelist an IP address in CSF firewall for cpanel using the graphical interface plugin, this is not the right article for you.

Whitelisting an IP address in CSF firewall will prevent the cPanel server from blocking the IP addresses that you trust. Please use this with caution. If a ddos or a bruteforce attack was launched on your server from a whitelisted IP, the server will ignore the attack and will not report it to you.

In order to perform this task, you need to have root access to the server. You will need a terminal text editor like vi, vim, nano and so on.


  1. Login to the server terminal.
  2. Using your favourite text editor open the following file using this command

    sudo vi /etc/csf/csf.allow

  3. Add your IP address to the list, save the file and exit the text editor.
  4. For the changes to take effect, you need to reload the firewall using this command

    sudo csf -r

  5. If your IP address was previously blocked permanently it should be in "csf.deny", so make sure you remove it in order to avoid conflict.

    sudo vi /etc/csf/csf.deny

  6. If you find your IP there you need to remove the entire line, save and exit the text editor.
  7. Reload the csf firewall

    sudo csf -r

You have successfully whitelisted your IP address in CSF firewall using CLI in terminal.

Last modified: June 01, 2020

Was this answer helpful?

« Back