Your connection to this server has been blocked in this server's firewall

  1. Portal Home
  2. Knowledgebase
  3. Your connection to this server has been blocked in this server's firewall
If you or one of your users are receiving a message similar to this when trying to connect to your server then it is very likely that you have been blocked by your server's installation of the CSF firewall and LFD log monitoring system.

Your connection to this server has been blocked in this server's firewall. You need to contact the server owner for further information.
Your blocked IP address is 198.51.100.82
This server's hostname is your.hostname.com


cPanel/WHM

If your server is running cPanel/WHM, then the simplest way to resolve this issue is to access the CSF settings via WHM. Log into your servers WHM panel and search "firewall" in the top search box to filter the navigation menu, and click on the "ConfigServer Security&Firewall" entry under the "Plugins" section.
Use the "Search for IP" feature within WHM to search CSF for any IP blocks that may exist, and remove those blocks if necessary. The CSF search tool won't always tell you why a block was originally put in place so if blocks continue to occur then you may need to search server logs via a command line to establish the root cause of the problem.


Searching CSF with the CLI

You can search CSF to see whether an IP address is currently being blocked (temporarily or permanently) or included in an allow list using the following command:

csf --grep 198.51.100.82

You can also search /var/log/lfd.log for further information about why an IP address was blocked.

grep 198.51.100.82 /var/log/lfd.log


Removing a CSF block with the CLI

To remove a blocked IP via the command line, first start an SSH or console session to your server, then move to the CSF directory (/etc/csf) and run the following command edited to contain the blocked IP address:

csf --denyrm 198.51.100.82

In some cases an IP may only have been blocked temporarily, in which case it can be removed from the temporary deny list using the following command:

csf --temprm 198.51.100.82

The list of denied IPs located at /etc/csf/csf.deny can, if necessary, be edited manually using your text editor of choice. You will then need to reload the firewall rules with:

csf –r


Whitelisting an IP in CSF with the CLI

An IP address can also be 'whitelisted' in one of two ways; by placing it in /etc/csf/csf.allow which allows the traffic through the firewall on any port, or by adding it to /etc/csf/csf.ignore which ensures traffic meets the normal firewall rules but will prevent the IP ever being blocked by LFD.

  Print