Search The Hostwinds Guides Knowledge Base

Hostwinds Main GuideGeneral GuidesWHM (Web Host Manager)PluginsHow To Check and Unblock an IP from WHM

How To Check and Unblock an IP from WHM

Share This Article

In order to improve security with cPanel / WHM, it is common to have a firewall installed. The most common being ConfigServer Security & Firewall. Otherwise known as csf. While this firewall is intended to prevent malicious users from gaining unauthorized access to the server, sometimes it might kick you out as well, as it may think you are an attacker. Usually this will happen if there are too many incorrect login attempts for cPanel, or even when trying to access email through webmail, from your mobile device or another email client. If this happens, you are able to unblock the IP address (and if desired, permanently allow access from your IP address).

How To Access ConfigServer Security & Firewall (CSF)

If you have ConfigServer Firewall installed in your WHM as a plugin, this will be able to be easily accessed from WHM.

Step One: Login to your WHM Dashboard for your server

Step Two: In the upper left, there will be an text box that can be used to search for Menu Items. To quickly find CSF, simply type ‘configserver

WHM ConfigServer Firewall Menu Location (CSF)

How Do I Check If My IP is Blocked?

Once you have navigated through to ConfigServer Security & Firewall, you will be able to check if the IP has been blocked. (This can also be used to check if there are any Temporary or Permanent Allows in the Firewall for the IP address as well)

Step One: From the Firewall management page, you will want to scroll down to Search for IP, it should look similar to the following:

WHM ConfigServer Firewall Search For IP Address

Step Two: In the empty text input, paste your IP address of the computer that has been blocked.

To find the public IP address of your local computer, you can search ‘ip‘ on Google and it will show you your IP address. Alternatively, https://whatsmyip.com/ may work as well.

Step Three: Once you have entered in your IP address, click on Search for IP. This will take you to a new page with the report of the scan

This report will show you if there are any Permanent or Temporary Allows or Blocks on the IP address. In the case of the image above, the IP address had been Temporarily Blocked as it had failed 15 cPanel Login attempts in the past hour.

How To Unblock An IP Address

Using ConfigServer Security & Firewall in WHM

Using the above method can be used to check if the IP address is blocked in the firewall. If it does show up in the Firewall, there will be a button towards the bottom of the Report to Unblock the IP address. Clicking on this will Unblock the IP address:

WHM ConfigServer Firewall Quick Unblock IP Address

Using Command Line via VNC

If you are on the same computer that has been blocked from accessing the server in the Firewall, you will not be able to proceed with the steps as listed above, as you are blocked from the server. Though you should still be able to access the Server through VNC (if on a VPS, this is done from the Cloud Control, if on a Dedicated Server, this would be in the Console which can be accessed from the Client Area)

Cloud VPS

Step One: From your Hostwinds Client Area, navigate to the Cloud Control -> Cloud Portal menu option

Cloud Control Cloud Portal Location Image

Step Two: From the cloud portal, click the Actions button to the right of the VPS that has the Firewall, then from the Drop down select Get VNC. Once you have the VNC Window Open you can proceed with steps Three and Four

Cloud Control Server List Actions Get VNC Option Location

If you do not see the VNC Pop Up Window make sure that you have Pop ups enabled for the site.

Dedicated Server

Step One: From your Hostwinds Client area, click on the Green Manage button to the right of the dedicated server that you have been blocked from

Hostwinds Client Area Green Manage Product Button Location

Step Two: On the next page you should see a button lower down, under Server Management, to get the VNC / Console Link. This will be Get Console Link. After clicking on that it may take a few seconds, but there will be a link to access the VNC. Once you are there, you can proceed with the next steps.

Hostwinds Client Area Dedicated Server Get Console Link Button Location

Step Three: From VNC, you will type the login credentials for the server. By default, the username will be root. When typing the password, it will look like nothing is being typed, however this is for security. The characters being typed are still going through. (If you feel you messed up on the password, there is no such thing as too many backspaces)

Step Four: Once you have logged in successfully into the Command Line, you will want to type the following command to unblock your IP address:

Replace <IP ADDRESS>  with your local IP address.

After entering in that command, if your IP address was blocked before, it should no longer be blocked. (For preventing the IP from getting blocked in the future, refer to the steps below). In order for the change to go into effect however, there is another command that must be run:

This will restart the firewall so the change goes into effect.

How To Prevent An IP Address From Getting Blocked?

Once you have unblocked the IP address, you may want to add an Allow in the Firewall so that it doesn’t get blocked again. For example, if you unblock an IP that had too many incorrect login attempts, and the IP does another failed login, it risks getting blocked in the firewall again. An easy way to prevent this from happening is either adding a Temporary or Permanent allow for the IP address. (A Permanent allow is recommended for Home IP addresses that you will always trust, otherwise a Temporary allow will do)

Adding a Temporary Allow

Step One: Using the Steps above, navigate through to the ConfigServer Security & Firewall page.

Step Two: Scroll down on the page until you are able to find the Temporary Allow / Deny option.

WHM ConfigServer Firewall Temporary Allow Block IP Address

Step Three: Select Allow from the first Drop down box. Enter in the IP address that had been previously blocked, or one you would not want to get blocked. Then in the 4th box (the 3rd can be left as Default, unless only certain ports should be allowed / denied), enter in the amount of time that you would like the Temporary Allow to be in. From the next drop down box, you can select whether this is in Seconds, Minutes, Hours, or even Days to have the Temporary Allow in place. Typically 2 – 12 hours should suffice for Temporary Allows. You can also add a Comment for this Temporary Allow as well (This will show up when searching for the IP, to give a brief reason as to why this Temporary Allow / Deny was added).

Step Four: Once you have filled out the fields to your liking, simply click on Temporary Allow/Deny. This will add it, and make the new rule effective immediately

If the IP address is currently blocked in the Firewall, the Allow will have no effect until the IP has been unblocked.

Adding a Permanent Allow

Step One: Using the Steps above, navigate through to the ConfigServer Security & Firewall page.

Step Two: Scroll down on the page until you are able to find the Quick Allow option.

WHM ConfigServer Firewall Quick Allow IP Address Default

Step Three: Enter in the IP address that you would like to add the Allow for into the Green Input box.

Step Four: Add a comment to easily identify this Allow later on if needed. For example, “Work Computer” or “Home Laptop“.

Step Five: Click on Quick Allow. This will add the Allow for the IP address and should be effective immediately. This rule will remain in place until explicitly removed.

Related Articles:

If you should have any questions or would like assistance, do feel free to contact us through Live Chat, on our Phones, or by submitting a ticket with our Technical Support team.