ConfigServer Community Forum

I think it would be possible but maybe somewhat a security risk...but can easily take all pre-cauctions when doing this.

I have a few reseller clients and some of their clients get banned, but they would have to contact me to remove from the deny list and add them to the allow list.

^Only long solution, The fast solution is a "more security risk", Set->Reseller Account with root permissions, Which is total out of the question!

Adding a feature where Resellers can access the CSF but only see Quick Deny and Allow options and this would avoid contacting the owner of the server and giving root access.

I'm sure it's very possible and something I and many others may look forward too.

Something to look into, Let us know.

Thanks,
Cory

As you need root privileges to modify or view iptables entries, this would be too much of a security risk and not something we're looking at developing.

What about some way of the reseller querying cf.deny?

for example:
Reseller is prompted for IP address to check
Hits submit button, and is told either yes or no, and is presented with a link to email root@hostname (or configured address) with a delisting request if IP is blocked?

That way there is no need for root privileges but the reseller can still identify the fact that their client has been blocked and can refer it on to the host.