{"id":23088,"date":"2025-07-11T14:44:28","date_gmt":"2025-07-11T14:44:28","guid":{"rendered":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/?lw_help_doc=security\/firewall-management"},"modified":"2026-07-02T13:27:26","modified_gmt":"2026-07-02T17:27:26","slug":"firewall-management","status":"publish","type":"lw_help_doc","link":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/","title":{"rendered":"Firewall Management"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Your firewall is the gatekeeper of your server security. It acts as a protective barrier between your trusted data and the outside internet, automatically blocking malicious traffic and preventing unauthorized access.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Whether you use our Cloud Firewall, a hardware firewall, or software like CSF or Windows Firewall, proper configuration is essential. <\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n<div class=\"kb-row-layout-wrap kb-row-layout-id385286_64dd8f-d2 alignnone wp-block-kadence-rowlayout\"><div class=\"kt-row-column-wrap kt-has-1-columns kt-row-layout-equal kt-tab-layout-inherit kt-mobile-layout-row kt-row-valign-top kb-theme-content-width\">\n<p class=\"wp-block-paragraph\">Firewall Management Articles<\/p>\n<div class=\"wp-block-query is-layout-flow wp-block-query-is-layout-flow\">\n<div class=\"help-docs__post-count-badge is-style-pill wp-block-tribe-query-results-count\">\n\t<p>27 results<\/p>\n<\/div>\n<\/div>\n<p class=\"wp-block-paragraph\">This collection of guides will empower you to choose the right firewall, configure your rules, and manage ports to keep your infrastructure secure.<\/p>\n<div data-wp-context=\"{}\" data-wp-interactive=\"core\/query\" data-wp-key=\"0\" data-wp-router-region=\"query-0\" class=\"wp-block-query is-layout-flow wp-block-query-is-layout-flow\"><ul class=\"wp-block-post-template is-layout-flow wp-block-post-template-is-layout-flow\"><li data-wp-key=\"post-template-item-24098\" class=\"wp-block-post post-24098 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-whm lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/adjusting-lfd-notifications-for-load-levels\/\" target=\"_self\" >Adjusting LFD Notifications for Load Levels<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">LFD monitors server security and load levels. Adjust PT_Load_Level in WHM to prevent false positives by matching it to the server&#8217;s CPU cores. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/adjusting-lfd-notifications-for-load-levels\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Adjusting LFD Notifications for Load Levels<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24099\" class=\"wp-block-post post-24099 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-server-management lw_resource_category-tutorials lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/allowing-port-access-by-ip-address-in-csf\/\" target=\"_self\" >Allowing Port Access by IP Address in CSF<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Each open firewall port is a potential vulnerability. It&#8217;s vital to keep all ports closed except for those essential for your server&#8217;s applications. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/allowing-port-access-by-ip-address-in-csf\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Allowing Port Access by IP Address in CSF<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24100\" class=\"wp-block-post post-24100 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/backing-up-your-csf-firewall-configuration\/\" target=\"_self\" >Backing Up Your CSF Firewall Configuration<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Before modifying CSF firewall settings, backup the current configuration. It ensures site protection if changes lead to unexpected issues, aiding troubleshooting. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/backing-up-your-csf-firewall-configuration\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Backing Up Your CSF Firewall Configuration<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24109\" class=\"wp-block-post post-24109 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/windows-firewall\/blocking-ip-addresses-using-windows-firewall\/\" target=\"_self\" >Blocking IP Addresses Using Windows Firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Your Windows server&#8217;s firewall guards against malicious attacks, enforcing rules to block unauthorized access and potentially harmful IP addresses. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/windows-firewall\/blocking-ip-addresses-using-windows-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Blocking IP Addresses Using Windows Firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24101\" class=\"wp-block-post post-24101 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/blocking-traffic-by-country-in-the-csf-firewall\/\" target=\"_self\" >Blocking Traffic by Country in the CSF Firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Using CSF in WHM, filter and manage traffic by country. This helps with bandwidth, security, and content access but requires careful consideration. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/blocking-traffic-by-country-in-the-csf-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Blocking Traffic by Country in the CSF Firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23592\" class=\"wp-block-post post-23592 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-security lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/cloud-firewall\/\" target=\"_self\" >Cloud Firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Use our Cloud Firewall to block threats before they reach your server. Learn to configure rules, manage ports, and enhance your cloud security. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/cloud-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Cloud Firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24108\" class=\"wp-block-post post-24108 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-security lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-exploit-scanner-cxs\/configserver-exploit-scanner\/\" target=\"_self\" >ConfigServer eXploit Scanner (CXS): your website&#8217;s security watchdog<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">CXS is your server&#8217;s watchdog, scanning for malware, quarantining threats, and monitoring files in real-time to keep your website secure. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-exploit-scanner-cxs\/configserver-exploit-scanner\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: ConfigServer eXploit Scanner (CXS): your website&#8217;s security watchdog<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23594\" class=\"wp-block-post post-23594 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-security lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/\" target=\"_self\" >ConfigServer Security &#038; Firewall (CSF)<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Harden your Linux server with CSF. Our guides show you how to install, configure, and manage this powerful firewall and security application. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: ConfigServer Security &#038; Firewall (CSF)<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24097\" class=\"wp-block-post post-24097 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/cloud-firewall\/configuring-your-cloud-firewall\/\" target=\"_self\" >Configuring Your Cloud Firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Firewalls safeguard servers by filtering network traffic based on rules. All Liquid Web servers have a software firewall; Linux servers typically have CSF, while Cloud servers can add an extra layer of protection with a Cloud firewall. It&#8217;s advisable to use both CSF and the Cloud firewall for enhanced security. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/cloud-firewall\/configuring-your-cloud-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Configuring Your Cloud Firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24102\" class=\"wp-block-post post-24102 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-tutorials lw_resource_topic-cc-allow lw_resource_topic-cc-deny lw_resource_topic-ccpa lw_resource_topic-configserver lw_resource_topic-configserver-firewall lw_resource_topic-csf lw_resource_topic-csf-configuration lw_resource_topic-deny-country lw_resource_topic-firewall lw_resource_topic-geolite2 lw_resource_topic-maxmind lw_resource_topic-maxmind-license-key lw_resource_topic-mm-license-key lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/csf-country-blocking-dependency-maxmind\/\" target=\"_self\" >CSF Country Blocking Dependency &#8211; Maxmind<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Learn about changes to CSF Country Blocking requiring that a key is obtained. Then, there is a value in \/etc\/csf\/csf.conf that needs to be updated with the free license key. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/csf-country-blocking-dependency-maxmind\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: CSF Country Blocking Dependency &#8211; Maxmind<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23596\" class=\"wp-block-post post-23596 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-hosting lw_resource_category-security lw_resource_category-tutorials lw_resource_topic-centos lw_resource_topic-centos-7 lw_resource_topic-firewall lw_resource_topic-firewalld lw_resource_topic-network-interface lw_resource_topic-network-interfaces lw_resource_topic-public lw_resource_topic-security lw_resource_topic-systemctl lw_resource_topic-systemd lw_resource_topic-zone lw_resource_topic-zones lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/find-view-default-zone-for-firewalld-on-centos-7\/\" target=\"_self\" >Find (View) Default Zone for Firewalld on CentOS 7<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Zones enhance an administrator&#8217;s capability to define trusts and restrict network traffic. Learn how to find the default zone in Firewalld on CentOS 7 via the command line. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/find-view-default-zone-for-firewalld-on-centos-7\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Find (View) Default Zone for Firewalld on CentOS 7<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24103\" class=\"wp-block-post post-24103 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-control-panel lw_resource_category-getting-started lw_resource_category-whm lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/getting-started-with-configservers-modsecurity-control-plugin\/\" target=\"_self\" >Getting Started with Configserver&#8217;s ModSecurity Control Plugin<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Use the ConfigServer ModSecurity Control (CMC) plugin in WHM to whitelist specific rules for a secure yet smooth-running site. Configure it with this article&#8217;s guidance. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/getting-started-with-configservers-modsecurity-control-plugin\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Getting Started with Configserver&#8217;s ModSecurity Control Plugin<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23597\" class=\"wp-block-post post-23597 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-security lw_resource_category-server-management lw_resource_category-tutorials lw_resource_topic-fedora-23 lw_resource_topic-firewall lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/how-to-start-and-enable-firewalld-on-fedora-23\/\" target=\"_self\" >How to Start and Enable Firewalld on Fedora 23<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">As a matter of following security best practices, you should protect your server with a firewall. Fedora 23 and CentOS 7 come with firewalld, an alternative to iptables. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/how-to-start-and-enable-firewalld-on-fedora-23\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: How to Start and Enable Firewalld on Fedora 23<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24104\" class=\"wp-block-post post-24104 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-control-panel lw_resource_category-whm lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/installing-configservers-modsecurity-control-plugin-on-your-server\/\" target=\"_self\" >Installing Configserver&#8217;s ModSecurity Control Plugin on Your Server<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Protect your web apps using ModSecurity WAF. Learn how to verify your Apache installation, install rules, and add the ConfigServer CMC plugin to WHM. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/installing-configservers-modsecurity-control-plugin-on-your-server\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Installing Configserver&#8217;s ModSecurity Control Plugin on Your Server<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23598\" class=\"wp-block-post post-23598 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-security lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-exploit-scanner-cxs\/\" target=\"_self\" >Malware Scanning with ConfigServer eXploit Scanner (CXS)<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Actively scan file uploads for malware with CXS. Learn to install, configure, and use this tool to block exploits before they can infect your site. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-exploit-scanner-cxs\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Malware Scanning with ConfigServer eXploit Scanner (CXS)<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23600\" class=\"wp-block-post post-23600 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_category-security lw_resource_category-troubleshooting lw_resource_category-tutorials lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/iptables-firewall\/\" target=\"_self\" >Manage your server&#8217;s firewall with iptables<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">iptables can act as your server&#8217;s gatekeeper, deciding which network traffic is allowed in, out, or through your server. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/iptables-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Manage your server&#8217;s firewall with iptables<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23601\" class=\"wp-block-post post-23601 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-server-management lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/opening-and-closing-firewall-ports\/\" target=\"_self\" >Opening and Closing Firewall Ports<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Protect your server by managing network traffic. Learn how to safely open and close incoming and outgoing TCP firewall ports using CSF in WHM. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/opening-and-closing-firewall-ports\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Opening and Closing Firewall Ports<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24105\" class=\"wp-block-post post-24105 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-control-panel lw_resource_category-firewalls lw_resource_category-whm lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/restoring-csf-firewall-configuration-from-a-backup\/\" target=\"_self\" >Restoring CSF Firewall Configuration from a Backup<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Protect your server by reverting unwanted changes. Learn how to safely restore your CSF firewall configuration from a backup in WHM&#8217;s Firewall Profiles. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/restoring-csf-firewall-configuration-from-a-backup\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Restoring CSF Firewall Configuration from a Backup<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24110\" class=\"wp-block-post post-24110 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-security lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/windows-firewall\/scoping-ports-in-windows-firewall\/\" target=\"_self\" >Scoping Ports in Windows Firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Security is paramount in today&#8217;s digital landscape. Scope Windows Firewall ports to allow only trusted IP addresses for added protection. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/windows-firewall\/scoping-ports-in-windows-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Scoping Ports in Windows Firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24106\" class=\"wp-block-post post-24106 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-control-panel lw_resource_category-whm lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/setting-up-modsecurity-configuration\/\" target=\"_self\" >Setting Up ModSecurity Configuration<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Customize ModSecurity&#8217;s global settings using the ModSecurity Configuration. Learn to enable the settings you need in this guide. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/setting-up-modsecurity-configuration\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Setting Up ModSecurity Configuration<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23602\" class=\"wp-block-post post-23602 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-common-fixes lw_resource_category-domain-management lw_resource_category-firewalls lw_resource_category-website-management lw_resource_topic-apf lw_resource_topic-cpanel lw_resource_topic-csf lw_resource_topic-firewall lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/unblocking-an-ip-address-or-opening-a-port-in-the-firewall\/\" target=\"_self\" >Unblocking an IP Address or Opening a Port in the Firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">If an IP address has been blocked by the firewall on your cPanel VPS server unexpectedly, you can quickly resolve the issue yourself with just a little help. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/unblocking-an-ip-address-or-opening-a-port-in-the-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Unblocking an IP Address or Opening a Port in the Firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23603\" class=\"wp-block-post post-23603 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-security lw_resource_category-server-management lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/using-anyconnect-with-your-hardware-firewall\/\" target=\"_self\" >Using AnyConnect with your hardware firewall<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">A corporate VPN secures remote access, encrypts data, prevents cyberattacks, and ensures compliance. It also enhances server management by restricting access to private networks via a secure connection. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/using-anyconnect-with-your-hardware-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Using AnyConnect with your hardware firewall<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-24107\" class=\"wp-block-post post-24107 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-firewalls lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/using-csf-firewall-to-mitigate-dos-ddos-attacks\/\" target=\"_self\" >Using CSF Firewall to Mitigate DoS\/DDoS Attacks<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Mitigating DoS and DDoS attacks is challenging. There&#8217;s no way to prevent them, but we can reduce their impact and, in extreme cases, take the server temporarily offline. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/configserver-security-firewall-csf\/using-csf-firewall-to-mitigate-dos-ddos-attacks\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Using CSF Firewall to Mitigate DoS\/DDoS Attacks<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23604\" class=\"wp-block-post post-23604 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-domain lw_resource_category-firewalls lw_resource_category-security lw_resource_category-server-management lw_resource_category-website-management lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/using-firewalld-on-centos-7\/\" target=\"_self\" >Using FirewallD on CentOS 7<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Secure your CentOS 7 server with FirewallD. Learn how to easily start, stop, enable, disable, and check the status of this dynamic firewall via SSH. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/using-firewalld-on-centos-7\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: Using FirewallD on CentOS 7<\/span><\/a>\n<\/li><li data-wp-key=\"post-template-item-23605\" class=\"wp-block-post post-23605 lw_help_doc type-lw_help_doc status-publish hentry vertical-hosting lw_resource_category-best-practices lw_resource_category-firewalls lw_resource_category-security lw_resource_category-server-management lw_resource_category-web-design lw_resource_section-security\">\n<h2 class=\"wp-block-post-title\"><a href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/what-is-a-firewall\/\" target=\"_self\" >What is a Firewall?<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">A firewall is like a security guard for your server. It checks all network traffic against a list of rules to block unauthorized access. <\/p><\/div>\n\n<a class=\"wp-block-read-more\" href=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/what-is-a-firewall\/\" target=\"_self\">Read more<span class=\"screen-reader-text\">: What is a Firewall?<\/span><\/a>\n<\/li><\/ul>\n\n<nav class=\"wp-block-query-pagination is-content-justification-center is-layout-flex wp-container-core-query-pagination-is-layout-3e41869c wp-block-query-pagination-is-layout-flex\" aria-label=\"Pagination\">\n\n\n<div class=\"wp-block-query-pagination-numbers\"><span data-wp-key=\"index-0\" aria-current=\"page\" class=\"page-numbers current\">1<\/span>\n<a data-wp-key=\"index-1\" data-wp-on--click=\"core\/query::actions.navigate\" class=\"page-numbers\" href=\"?query-0-page=2\">2<\/a><\/div>\n\n<a data-wp-key=\"query-pagination-next\" data-wp-on--click=\"core\/query::actions.navigate\" data-wp-on--mouseenter=\"core\/query::actions.prefetch\" data-wp-watch=\"core\/query::callbacks.prefetch\" href=\"\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_help_doc\/23088?query-0-page=2\" class=\"wp-block-query-pagination-next\">Next Page<\/a>\n<\/nav>\n\n<\/div>\n\n<\/div><\/div>","protected":false},"excerpt":{"rendered":"<p>A firewall is your server&#8217;s first defense. Learn how firewalls block threats, the types available, and how to configure them for robust security.<\/p>\n","protected":false},"author":90,"featured_media":0,"parent":22933,"menu_order":0,"template":"","meta":{"footnotes":"","_nx_search_keywords":"","_nx_search_boost":0},"vertical":[256],"lw_resource_category":[2750],"lw_resource_topic":[],"lw_resource_section":[3561],"class_list":["post-23088","lw_help_doc","type-lw_help_doc","status-publish","hentry","vertical-hosting","lw_resource_category-security","lw_resource_section-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.9 (Yoast SEO v27.9) - https:\/\/round-lake.dustinice.workers.dev:443\/https\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Firewall Management - Nexcess Documentation<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Firewall Management\" \/>\n<meta property=\"og:description\" content=\"A firewall is your server&#039;s first defense. Learn how firewalls block threats, the types available, and how to configure them for robust security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/\" \/>\n<meta property=\"og:site_name\" content=\"Nexcess Documentation\" \/>\n<meta property=\"article:modified_time\" content=\"2026-07-02T17:27:26+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/hosting\\\/security\\\/firewall-management\\\/\",\"url\":\"https:\\\/\\\/docs.nexcess.com\\\/hosting\\\/security\\\/firewall-management\\\/\",\"name\":\"Firewall Management - Nexcess Documentation\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/#website\"},\"datePublished\":\"2025-07-11T14:44:28+00:00\",\"dateModified\":\"2026-07-02T17:27:26+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/hosting\\\/security\\\/firewall-management\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/docs.nexcess.com\\\/hosting\\\/security\\\/firewall-management\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/hosting\\\/security\\\/firewall-management\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/docs.nexcess.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Overview\",\"item\":\"https:\\\/\\\/docs.nexcess.com\\\/hosting\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Firewall Management\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/#website\",\"url\":\"https:\\\/\\\/docs.nexcess.com\\\/\",\"name\":\"Nexcess Documentation\",\"description\":\"Search the docs, or browse by product, category, and topic across Hosting and WordPress.\",\"publisher\":{\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/docs.nexcess.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/#organization\",\"name\":\"Nexcess Documentation\",\"url\":\"https:\\\/\\\/docs.nexcess.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/docs.nexcess.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/favicon-1.webp\",\"contentUrl\":\"https:\\\/\\\/docs.nexcess.com\\\/wp-content\\\/uploads\\\/2026\\\/07\\\/favicon-1.webp\",\"width\":512,\"height\":512,\"caption\":\"Nexcess Documentation\"},\"image\":{\"@id\":\"https:\\\/\\\/docs.nexcess.com\\\/#\\\/schema\\\/logo\\\/image\\\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Firewall Management - Nexcess Documentation","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"Firewall Management","og_description":"A firewall is your server's first defense. Learn how firewalls block threats, the types available, and how to configure them for robust security.","og_url":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/","og_site_name":"Nexcess Documentation","article_modified_time":"2026-07-02T17:27:26+00:00","twitter_card":"summary_large_image","schema":{"@context":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/","url":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/","name":"Firewall Management - Nexcess Documentation","isPartOf":{"@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/#website"},"datePublished":"2025-07-11T14:44:28+00:00","dateModified":"2026-07-02T17:27:26+00:00","breadcrumb":{"@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/firewall-management\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/"},{"@type":"ListItem","position":2,"name":"Security Overview","item":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/hosting\/security\/"},{"@type":"ListItem","position":3,"name":"Firewall Management"}]},{"@type":"WebSite","@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/#website","url":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/","name":"Nexcess Documentation","description":"Search the docs, or browse by product, category, and topic across Hosting and WordPress.","publisher":{"@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/#organization","name":"Nexcess Documentation","url":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/#\/schema\/logo\/image\/","url":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-content\/uploads\/2026\/07\/favicon-1.webp","contentUrl":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-content\/uploads\/2026\/07\/favicon-1.webp","width":512,"height":512,"caption":"Nexcess Documentation"},"image":{"@id":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_help_doc\/23088","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_help_doc"}],"about":[{"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/types\/lw_help_doc"}],"author":[{"embeddable":true,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/users\/90"}],"version-history":[{"count":4,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_help_doc\/23088\/revisions"}],"predecessor-version":[{"id":55706,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_help_doc\/23088\/revisions\/55706"}],"up":[{"embeddable":true,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_help_doc\/22933"}],"wp:attachment":[{"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/media?parent=23088"}],"wp:term":[{"taxonomy":"vertical","embeddable":true,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/vertical?post=23088"},{"taxonomy":"lw_resource_category","embeddable":true,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_resource_category?post=23088"},{"taxonomy":"lw_resource_topic","embeddable":true,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_resource_topic?post=23088"},{"taxonomy":"lw_resource_section","embeddable":true,"href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/docs.nexcess.com\/wp-json\/wp\/v2\/lw_resource_section?post=23088"}],"curies":[{"name":"wp","href":"https:\/\/round-lake.dustinice.workers.dev:443\/https\/api.w.org\/{rel}","templated":true}]}}