How to Whitelist a domain name in CSF

How to Whitelist a domain name in CSF

If you use dynamic DNS privately and need to whitelist a hostname or domain name in cPanel/WHM, you can use the DYNDNS feature of ConfigServer Security and Firewall plugin.

csf.dyndns is a file that is specifically used for allowing hostnames in CSF. The domain names have to be FQDN and you can specify the interval in seconds to re/check the IP of that hostname and update it in the iptables.

Step 1. Login to the server via SSH

Step 2.Open the file “/etc/csf/csf.dyndns” with your favourite editor and add the hostname

nano /etc/csf/csf.dyndns
subdomain.some-site.com

Step 3. Now open file “/etc/csf/csf.conf” and under DYNDNS set the time interval in seconds to poll for a change in the IP address.

nano /etc/csf/csf.conf
DYNDNS = "300"

Step 4. Now restart the firewall for the changes to take effect.

csf -ra

That’s it. The hostnames in csf.dyndns will now be automatically allowed and the rules will refresh every 300 sec.

You can tail the lfd.log to make sure everything is working and if there are failed logins from the hsotname you should see – ignored on each line.

tail -f /var/log/lfd.log

Note: If you also use CPHulk on your cPanel/WHM server you need to disable it because it does not have an ability to whitelist a hostname and will still be triggered even if you are whitelisted in CSF.

Written by
Stefan Pejcic
Join the discussion

I enjoy constructive responses and professional comments to my posts, and invite anyone to comment or link to my site.