CSF Deny IP vs. cPanel IP Deny Manager
Posted: 02 May 2015, 14:41
I have a question about the operation of the system CSF firewall vs.cPanel's IP Deny Manager.
Say we host 30 domains, and say that two of the domains we host are getting hammered by a single IP - 221.231.103.199
That IP is part of a /24 originating in China.
Now the owners of the domains can go into cPanel IP Deny Manager and add 221.231.103.0/24 in order to block all ip addresses in the /24
But as the system administrator I can go into WHM and put the following entry into CSF Deny IP's
221.231.103.0/24 # do not delete
So my question is this:
If I enter 221.231.103.0/24 # do not delete into CSF via WHM, does that deny the /24 for ALL hosted domains, or does that simply deny the /24 for 'server' things (like root access), and that each domain must individually block 221.231.103.0/24 in cPanel in order to protect themselves? In other words, does a CSF 'deny' globally block access for all hosted domains, or does each domain need to engage in 'local' protection via cPanel IP Deny Manager in order to reject access?
Thanks
Say we host 30 domains, and say that two of the domains we host are getting hammered by a single IP - 221.231.103.199
That IP is part of a /24 originating in China.
Now the owners of the domains can go into cPanel IP Deny Manager and add 221.231.103.0/24 in order to block all ip addresses in the /24
But as the system administrator I can go into WHM and put the following entry into CSF Deny IP's
221.231.103.0/24 # do not delete
So my question is this:
If I enter 221.231.103.0/24 # do not delete into CSF via WHM, does that deny the /24 for ALL hosted domains, or does that simply deny the /24 for 'server' things (like root access), and that each domain must individually block 221.231.103.0/24 in cPanel in order to protect themselves? In other words, does a CSF 'deny' globally block access for all hosted domains, or does each domain need to engage in 'local' protection via cPanel IP Deny Manager in order to reject access?
Thanks