UnixServerAdmin

Server Administration & Management

How to allow only specific countries with CSF

This is assuming you have CSF installed already and setup properly. Assuming that, you will want to go into the configuration via WHM (WHM –> Plugins –> ConfigServer Security & Firewall –> Firewall Configuration) or in SSH via vi /etc/csf/csf.conf

# vi /etc/csf/csf.conf

What you are looking for is CC_ALLOW_FILTER

First, you will want to get a list of ISO Country Codes to allow.

For example, if you only wanted United States, Canada, Great Britian, Australia, and Mexico to be whitelisted, you would specify:

US,CA,GB,AU,MX

What this will do is download a list of IP ranges belonging to those countries, then add them to a whitelist, and deny everything else, that is, deny all other countries’ IP ranges. So, India will not be able to connect to your server, Russia will not be able to connect, etc..

Once you have change this in your configuration, don’t forget to restart your firewall to apply the new configuration.

Advertisements

May 16, 2011 Posted by | CSF, Firewall | , , | 1 Comment