How to Deny (Block) Traffic by Country using WHM’s CSF Firewall

January 9, 2023 / cPanel & WHM

This guide illustrates how to block traffic by country using the CSF firewall. The ability to control and filter traffic at the country level is one of the most frequently requested capabilities for cPanel servers that you can carry out using the Webhost Manager Plugin for ConfigServer Firewall (CSF).

The most frequent reasons for a server administrator to block traffic from a certain country include:

  1. Lowering bandwidth usage.
  2. Reduced security threats.
  3. Confirm that a site’s content may be viewed in areas where it is permissible.

Furthermore, while selecting to filter traffic at the national level, there are several important factors to consider:

  1. Some web services and ISPs assign non-geographic IP addresses to their customers.
  2. For country-level blocks, the CIDR range lists are not always accurate.
  3. The true location of a visitor can be concealed via proxy services and virtual private networks.
  4. Filtering at the country level only affects inbound connections. Traffic heading out is unaffected.
  5. The performance of your websites will suffer if you use country-level filtering, and you will notice slower response times.

Here we are assuming that you already have CSF installed on your cPanel server, so let us follow the steps to block traffic by country using the CSF firewall:

  1. Log in to WHM.
  2. Find and select the “Plugins” option.
  3. Click on the “ConfigServer Security & Firewall” sub-option.
    ConfigServer
  4. You will enter the the “ConfigServer security & firewall” page.ConfigServer security
  5. Scroll down and choose the “csf – ConfigServer Firewall” option, then click on the “Firewall configuration” option.Firewall configuration
  6. You will find two options:
    Options
    5.1) CC_DENY=
    a) Two-letter country codes, such as “US” for the United States of America, “GB” for Great Britain, and “DE” for Germany, are accepted in the CC DENY field.
    b) You can block access to multiple nations by separating them with commas and leaving no spaces, for example, “US, GB, DE” to block access to the US, Great Britain, and Germany.
    5.2) CC_ALLOW=
    a) The CC ALLOW field should NOT be used to enable traffic by country code. CC ALLOW overrides any port and protocol rules in place and opens the firewall to all traffic on all ports coming from the countries indicated.
  7. Scroll down and click on the “Change” button as shown in the image given below.
    change
  8. You will get a message that the changes have been saved and that you should restart csf and lfd.
  9. Click on the “Restart csf+lfd” button.
    Restart

Note- You may find a list of ISO 3166-1 alpha-2 codes at https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2

This way you can deny or block traffic by country using the CSF Firewall in WHM. If you have any query, please, contact our support team they will surely help you out.

Looking to apply more detailed firewall rules? Learn how with our comprehensive guide: Applying Firewall Rules

Spread the love