Enabling CSF managing privilege for WHM resellers

Before moving to this, you must have the basics of CSF. CSF, is the abbreviation of Config Server Security & Firewall. CSF is for configuring or managing your server firewall easily. CSf is the most commonly using firewall application to secure Linux servers. CSF has wide range of options to manage Linux firewall via comman-line and from the control panel. The csf installation includes preconfigured configurations and control panel UI’s for cPanel, DirectAdmin and Webmin. The installation ans usage of CSF is quit simple.

Working principle of CSF

The idea with csf, as with most iptables firewall configurations, is to block everything and then allow through only those connections that you want. This is done in iptables by DROPPING all connections in and out of the server on all protocols. Then allow traffic in and out from existing connections. Then open ports up in and outgoing for both TCP and UDP individually.

We already discussed about the installation steps of CSF on Linux server. Click here for Install and configure csf on CentOS.

Here I’m going to give privilege to manage CSF for a WHM reseller. Yes it’s possible. There is a file “csf.resellers” in “/etc/csf” directory to allow this permission for resellers. Please not you can only give limited CSF functionality.

The syntax is explained below:

To allow a reseller to manage CSF add the following entry in “csf.resellers” file.



someuser :: Is the WHM reseller’s user name.
1 :: Stands for the email alert functionality.


0 or 1 depending on whether you want an email alert sent using the email template reselleralter.txt whenever an ALLOW/DENY or UNBLOCK is performed.

Then the options for resellers.


# USE        - The reseller can use this facility through WHM (required)
# UNBLOCK    - The reseller can use the Quick Unblock feature
# GREP       - The reseller can use the Search IP feature
# ALLOW      - The reseller can use the Quick Allow feature
# DENY       - The reseller can use the Quick Deny feature

RECOMMEND: For security reasons, we recommend only allowing resellers USE,UNBLOCK and GREP

Please make sure that you have enabled the following option through WHM.

To use this feature for a WHM reseller, you need to enable the “ConfigServer Security & Firewall (Reseller UI)” through WHM as root. Please do follow the steps to enable “ConfigServer Security & Firewall (Reseller UI)” through WHM.

1, Log into WHM as root.
2, Move to “Home » Resellers » Edit Reseller Nameservers and Privileges”
3, Select the reseller.
4, Under “Third Party Services”.
5, Tick on “ConfigServer Security & Firewall (Reseller UI)” and save it.

Please see the image below:


That’s it!

Related posts

1, CSF commands for Unix/Linux servers
2, Install and configure csf on CentOS
3, Csf command not found in WHM/cPanel server

Arunlal Ashok

Linux Server Administrator. I'm dealing with Linux servers since 2012. I started this blog to share and discuss my ideas with the world. Check My Profile!! in uPwork (oDesk) and let me know if you need any assistance. Thanks!!

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *