If your public-facing IP address has been blocked in the firewall, the firewall block will need to be removed before you will be able to access the server normally. On a VPS, there is a Console available to you for this purpose. But if your server is a Dedicated Server,1) you will need to open a Support Ticket for assistance.
In order to unblock your IP address, you will first need to know what IP address to be checking for. If you need us to check the firewall for you, we also will need to know your IP address. Here are examples of websites that will tell you your current public-facing IP address:
If you have a VPS, the first step is to open the VPS Console. This article explains how to do that.
Once you are logged in via the VPS Console, it is time to remove the firewall block. First, check whether your server has csf installed. Most of our servers do, but if you are not sure, you can check using
which. If you have csf installed in your server, the results should look like this:
[email protected] [/]# which csf /usr/sbin/csf
If you have csf, then you can use the csf commandline options to unblock your IP, once you know whether it is a temporary or permanent block. That can be done with the
-g option. Remember to replace the IP address in the command with your current public-facing IP address2)
If the block is a temporary block, the results will look like this:
[email protected] [/]# csf -g 184.108.40.206 Chain num pkts bytes target prot opt in out source destination DENYIN 4 3640 218K DROP all -- !lo * 220.127.116.11 0.0.0.0/0 Temporary Blocks: IP:18.104.22.168 Port: Dir:in TTL:604800 (lfd - 22.214.171.124 (RO/Romania/kylesun2.ampnode.com), more than 60 Apache 403 hits in the last 86400 secs)
The last line gives some information about the reason the IP was blocked, which can give you clues on which additional logs may need to be checked. But the block itself can be removed as follows:
[email protected] [/]# csf -tr 126.96.36.199 csf: 188.8.131.52 temporary block removed csf: There are no temporary IP allows
We can check for the IP again to make sure the block was removed:
[email protected] [/]# csf -g 184.108.40.206 Chain num pkts bytes target prot opt in out source destination No matches found for 220.127.116.11 in iptables
If we want to see more details on why the IP was blocked, we will need to check the server logs. In this case it was due to having made too many http requests that resulted in status "403: Forbidden"
Permanent blocks use a different command for removal. Here is an example of the search results for an IP that had a permanent block:
[email protected] [/]# csf -g 18.104.22.168 Chain num pkts bytes target prot opt in out source destination DENYIN 1 0 0 DROP all -- !lo * 22.214.171.124 0.0.0.0/0 DENYOUT 1 0 0 LOGDROPOUT all -- * !lo 0.0.0.0/0 126.96.36.199 csf.deny: 188.8.131.52 # lfd: (PERMBLOCK) 184.108.40.206 (SK/Slovakia/220.127.116.11.host.vnet.sk) has had more than 1 temp blocks in the last 604800 secs - Thu Sep 1 15:35:27 2016
Note how the last line starts with "csf.deny" instead of "Temporary Blocks". In this case if we want to remove the block, we use this command:
[email protected] [/]# csf -dr 18.104.22.168 Removing rule...
As before, we can check to make sure the removal worked:
[email protected] [/]# csf -g 22.214.171.124 Chain num pkts bytes target prot opt in out source destination No matches found for 126.96.36.199 in iptables
As before, if we want to see why the IP had been blocked, we would need to check the server logs. We can see in this case that a permanent block was assigned due to having too many temporary blocks against it, but in this case it happened so long ago that the relevant logs have all rotated, and we will not be able to find the original reason.
If your server is using the CSF/LFD firewall, but your IP address does not show any results when searching for blocks, then it is not an IP-block causing the connection issues. It may be worth checking if the needed ports are open, but it might also be that something other than the firewall is blocking you. If you want to rule out csf as the cause, you can temporarily disable it. However, we strongly recommend before trying this that instead you open a Support Ticket.
Do not leave csf disabled for any longer than is needed. This is meant only as a troubleshooting measure, both temporary and brief.
If you want to temporarily disable the firewall, to check if that makes the difference between whether you are able to access the server, you can use this command:
# csf -x
It is important to re-enable the firewall again as quickly as possible. That can be done as follows:
# csf -e