How to whitelist a hostname in ConfigServer Security and Firewall installed (CSF)


If your server has ConfigServer Security and Firewall installed (CSF), then you may find it necessary to whitelist a hostname as opposed to an IP address.

CSF has a file specifically for allowing hostnames called "csf.dyndns". Fully Qualified Domain Names (FQDN) are checked at a configurable interval of seconds, to poll for a change in the IP address. If the IP address has changed iptables will be updated!

To whitelist a hostname:

1) SSH to the server
2) Open the file "/etc/csf/csf.dyndns" and add the hostname.
3) Open the file "/etc/csf/csf.conf" and set DYNDNS = "300" (which would check for IP updates every 5 minutes).
Note: If you want the activity of the IP also ignored, set DYNDNS_IGNORE = "1"
4) Restart the firewall 

That's it. The hostnames in csf.dyndns will automatically be allowed and the rules will refresh every 5 minutes.

Have more questions? Submit a request