I have a question about the operation of the system CSF firewall vs.cPanel's IP Deny Manager.
Say we host 30 domains, and say that two of the domains we host are getting hammered by a single IP - 221.231.103.199
That IP is part of a /24 originating in China.
Now the owners of the domains can go into cPanel IP Deny Manager and add 221.231.103.0/24 in order to block all ip addresses in the /24
But as the system administrator I can go into WHM and put the following entry into CSF Deny IP's
221.231.103.0/24 # do not delete
So my question is this:
If I enter 221.231.103.0/24 # do not delete into CSF via WHM, does that deny the /24 for ALL hosted domains, or does that simply deny the /24 for 'server' things (like root access), and that each domain must individually block 221.231.103.0/24 in cPanel in order to protect themselves? In other words, does a CSF 'deny' globally block access for all hosted domains, or does each domain need to engage in 'local' protection via cPanel IP Deny Manager in order to reject access?
Thanks
CSF Deny IP vs. cPanel IP Deny Manager
Re: CSF Deny IP vs. cPanel IP Deny Manager
"If I enter 221.231.103.0/24 # do not delete into CSF via WHM, does that deny the /24 for ALL hosted domains?"
Yes
Yes
Re: CSF Deny IP vs. cPanel IP Deny Manager
That wasn't the question.
I KNOW that doing /24 will deny for things like e-mail, root access, etc....
My question was more - will it deny http access for all hosted domains, thereby obviating the need for each domain to manage bad IP ranges using cPanel IP Deny Manager.
I KNOW that doing /24 will deny for things like e-mail, root access, etc....
My question was more - will it deny http access for all hosted domains, thereby obviating the need for each domain to manage bad IP ranges using cPanel IP Deny Manager.
-
- Moderator
- Posts: 1524
- Joined: 01 Oct 2008, 09:24
Re: CSF Deny IP vs. cPanel IP Deny Manager
Yes, it will. Blocks are server-wide.