Differences

This shows you the differences between two versions of the page.

--- wiki:firewall [2023/09/01 02:42] – guidebeacon
+++ wiki:firewall [2023/10/05 19:29] (current) – guidebeacon
@@ Line 32: / Line 32: @@
 The script runs daily, but running it now will immediately update the firewall.
+**Do not forget to add the IP to each of the 2 accounts, master on chost and beacontechnology on kingscpw01.**
+[[wiki:firewall#allowing_ips_to_locked_down_cpanel_accounts|Click here to learn more]]
 ==== Blacklist Management ====
@@ Line 43: / Line 47: @@
   - Search for the IP in question, if the IP is unknown, ask the user to go to: ipecho.net and read the IP back.
   - When the record is located, click "Delete"
+==== Troubleshooting ====
+It may  be the case that sometimes the script gives an error for various reasons, here are some steps to try to fix it:
+  - Try rebooting server
+  - Try making a change in cpHulk like adding/removing an IP and trying again
+  - Try this command: ''nft flush set inet filter ccblockset'' and try again
+  - try this command: WARNING, may result in getting locked out, add your IP to ''/etc/sysconfig/nftables.conf'' before proceeding... ''nft flush set inet filter adminwhitelist''
 ===== Host Access Control =====
@@ Line 125: / Line 138: @@
 echo firewall was successfully updated
 </code>
+===== Allowing IPs to locked down cpanel accounts =====
+On some accounts, there is htaccess that whitelists IPs for extra security.
+The htaccess is normally at: ''/home/username/public_html/.htaccess''
+The area you are looking for looks something like this:
+<code>order allow,deny
+allow from xxx.xxx.xxx.xxx
+allow from xxx.xxx.xxx.xxx
+allow from xxx.xxx.xxx.xxx
+allow from xxx.xxx.xxx.xxx</code>
+Just add a similar new entry below the last one in the list