CyberPanel follows deny all rules except for the ports opened by default, you can see default opened ports at: Server > Security > Firewall
Available Functions
Stop Firewall.
Start Firewall.
Reload.
Add/Delete Rules.
Add Firewall Rule
As I’ve mentioned above, CyberPanel follows deny all rules, so if you want to allow any port you can add from Server > Security > Firewall .
Give this rule a name.
Select protocol from dropdown either tcp or udp .
Enter which port to open for specified protocol.
Click ‘ADD’.
This will add rule and reload firewall.
Delete Firewall Rule
Just click on the cross on right side of the rule, this will delete the rule and reload firewall.
1 Like
zkhseo
March 28, 2022, 3:38pm
#2
Dear Sir , Compare to UFW of Ubuntu, I do not like this FireWall, Few Functions. You See, I stop it . After I reboot the VPS or Machine, FireWall is turn to Status ON.
How Can I Delete this FireWall forever?
systemctl stop firewalld
systemctl disable firewalld
zkhseo
March 28, 2022, 11:09pm
#4
Many Many Thanks for your Command!
It is very very Great Help for me.
1 Like
Kobbe
June 13, 2022, 11:07am
#5
I guess I’m at the wrong page because Server > Security > Firewall takes me to the screenshot below
Kindly help me
kooler
July 10, 2022, 10:44am
#6
There’s no option to add rule or i am also missing it. Can you guys point to the right direction?
kooler
July 10, 2022, 4:44pm
#7
Ok I have found the solution for how to block certain port on certain ip.
Things to note:
csf works by allowing one ip and/or port while blocking all others.
The fix was rather simple but i almost lost my server in process while trying to manually adjust iptables. It just wouldn’t work.
csf disables firewalld & modifies iptables rules by it self.
To allow certain port on one or range of ip’s do the following:
Run
sudo nano /etc/csf/csf.allow
Add entry like below to the above file. Format: tcp/udp|in/out|s/d=port|s/d=ip.
Example: we want to block port 22 on one of the ip 192.168.0.5.
tcp|in|d=22|d=192.168.0.5
Edit /etc/csf/csf.conf or if you have access to csf panel edit it there. Remove port under tcp_in or tcp_out
nano /etc/csf/csf.conf
find tcp_in port 22 and remove it
You can use the above method for any allow/deny entry etc. See readme on csf for more details, it is a very well written document.