Advanced Policy Firewall, or APF, is a software firewall commonly installed on Liquid Web servers. It is an interface to iptables, which is standard software for managing network ports on Linux. Interacting with iptables can be complex, but APF greatly simplifies the process. APF is only accessible via ssh, and there is no way to make changes in APF through WHM or cPanel.
- These instructions are intended specifically for unblocking an IP Address in APF.
- I’ll be working from a Liquid Web Core Managed CentOS 6.5 server, and I’ll be logged in as root.
- For further details, see our in-depth look at the APF firewall.
Let’s say that you want to check whether or not a specific IP address, maybe
grep 8.8.8.8 /etc/apf/*
You may receive a result similar to:
/etc/apf/deny_hosts.rules:# added 8.8.8.8 on 04/25/14 13:42:01 with comment: {bfd.courier}
/etc/apf/deny_hosts.rules:8.8.8.8
The above means that BFD detected a brute force attack from the IP
If the IP address is denied in APF and you want to remove it, then use this command:
apf -u 8.8.8.8
If the command is successful, you should get a result similar to:
apf(12721): {trust} removed 8.8.8.8 from trust system
APF then needs to be restarted for the change to take effect:
apf -r
If you’d prefer a more advance firewall for APF, see our tutorial on how to install and configure CSF and its security plugin LFD (Login Failure Daemon).
Related Articles:
About the Author: J. Mays
As a previous contributor, JMays shares his insight with our Knowledge Base center. In our Knowledge Base, you'll be able to find how-to articles on Ubuntu, CentOS, Fedora and much more!
Our Sales and Support teams are available 24 hours by phone or e-mail to assist.
Latest Articles
How to Clone a Drupal Site to Another Domain
Read ArticleTop Eight Virtualization Security Issues and Risks
Read ArticleAccessing Man Pages on Ubuntu 16.04 LTS
Read ArticlePremium Business Email Pricing FAQ
Read ArticleMicrosoft Exchange Server Security Update
Read Article