Enable ping for Windows Server 2003 firewall

(1) Remote Desktop into your server

(2) Go to Start > Control Panel

(3) Open Windows Firewall

(4) Check if th firewall is turned on

(5) Click the Advanced tab

(6) Under the ICMP box, click the Settings button

(7) tick the ‘Allow incoming echo request‘ checkbox

(8) Click on OK and then OK again to close the dialog boxes


Disable all the IP form access FTP except some IP

If you want to only allow few IP to access the FTP service, and disallow all other IP. How??? You can know add all whole world IP on it, right? 🙂

Instead of add the IP that you want to deny, why you not only allow few IP. Here is the trick!!

If you cpanel do have csf firewall, then it will much easier.

(1) Disable the port 21 (assume that you are use default port 21 for FTP service)

(2) Add below link in the allow list


IP= the IP that allow to access

Done!!! Well Done!! 🙂

CSF shell command

For those who have the CSF firewall in their cPanel. Here is some command to manage it in shell and not by WHM 🙂

-h, –help
Show this message

-l, –status
List/Show iptables configuration

-l6, –status6
List/Show ip6tables configuration

-s, –start
Start firewall rules

-f, –stop
Flush/Stop firewall rules (Note: lfd may restart csf)

-r, –restart
Restart firewall rules

-q, –startq
Quick restart (csf restarted by lfd)

-sf, –startf
Force CLI restart regardless of LF_QUICKSTART setting

-a, –add ip
Allow an IP and add to /etc/csf.allow

-ar, –addrm ip
Remove an IP from /etc/csf.allow and delete rule

-d, –deny ip
Deny an IP and add to /etc/csf.deny

-dr, –denyrm ip
Unblock an IP and remove from /etc/csf.deny

-df, –denyf
Remove and unblock all entries in /etc/csf.deny

-g, –grep ip
Search the iptables rules for an IP match (incl. CIDR)

-t, –temp
Displays the current list of temp IP entries and their TTL

-tr, –temprm ip
Remove an IPs from the temp IP ban and allow list

-td, –tempdeny ip ttl [-p port] [-d direction]
Add an IP to the temp IP ban list. ttl is how long to blocks for (default:seconds, can use one suffix of h/m/d).
Optional port. Optional direction of block can be one of: in, out or inout (default:in)

-ta, –tempallow ip ttl [-p port] [-d direction]
Add an IP to the temp IP allow list (default:inout)

-tf, –tempf
Flush all IPs from the temp IP entries

-cp, –cping
PING all members in an lfd Cluster

-cd, –cdeny ip
Deny an IP in a Cluster and add to /etc/csf.deny

-ca, –callow ip
Allow an IP in a Cluster and add to /etc/csf.allow

-cr, –crm ip
Unblock an IP in a Cluster and remove from /etc/csf.deny

-cc, –cconfig [name] [value]
Change configuration option [name] to [value] in a Cluster

-cf, –cfile [file]
Send [file] in a Cluster to /etc/csf/

-crs, –crestart
Cluster restart csf and lfd

-w, –watch ip
Log SYN packets for an IP across iptables chains

-m, –mail [addr]
Display Server Check in HTML or email to [addr] if present

-c, –check
Check for updates to csf but do not upgrade

-u, –update
Check for updates to csf and upgrade if available

Force an update of csf

-x, –disable
Disable csf and lfd

-e, –enable
Enable csf and lfd if previously disabled

-v, –version
Show csf version