On certain servers, there are chances of our IP addresses getting blocked when we accidentally enter the wrong password multiple times or when we unintentionally try to ssh via the wrong port multiple times. The IP will be blocked for a certain period of time. If you have faced the same issue then read on to know how to block blacklisted IP addresses on a WHM based GNU/Linux server.
Before trying to solve the problem we have to check the following things to identify where we went wrong:
- Check whether the username and password you entered is correct
- Check whether your passwords have unnecessary spaces.
- Check the default ssh-port
Now lets see how to remove the blocked IP from WHM
- Login to WHM with the username and password
- After logging in to WHM the next step is to find out the ‘Plugins’ option. In the ‘Plugins’ option select ‘ConfigServer Security&Firewall’
Head over to the CSF firewall page and locate the option called Firewall Deny IPs. This is actually an interface to a file called csf.deny which holds all the IP addresses blocked by CSF either on this server, or on one of the associated clusters. We’ll need to take our IP address out of this file before we do anything else.
When you click on this option, the file opens up in the next page. Use the browser search functionality to find the line beginning with the IP address you want to un-block. You can see in the screenshot here, that the IP address I discovered in Google has indeed been blocked. Delete this line entirely and click the “Change” button on the bottom.
After this, you just have to restart CSF. This option will be placed in front of you in the next screen. Simply click the button to restart both CSF and lfd and once done, your IP address should be unblocked once again!
To be on the safe side, once you’ve removed an IP address from csf.deny, you might want to permanently allow it through the firewall. Keep in mind that you might be using a dynamic IP address that changes regularly. If so, this is not a good idea. But if you plan to access the server from a constant IP address – like one used by a VPN for example, here’s how you give it the green signal.
Now try connecting with your IP address and you should be able to acess it:)