Enable reseller access to CSF

If you are using the csf(ConfigServer Security & Firewall) on your cPanel server you can allow your resellers to use a few functions of it.

To enable reseller access to csf do:

  1. Open the /etc/csf/csf.resellers file. You can do this via the csf plugin interface (Edit Reseller Privs button) or from the command line using a tool like nano
    csf resellers 1
  2. Read the info in the file

    # You should list each account, one per line, followed by a colon, then a 0 or
    # 1 depending on whether you want an email alert sent using the email template
    # reselleralter.txt whenever an ALLOW/DENY or UNBLOCK is performed, then a
    # colon, then a comma separated list of the feature codes that you want each
    # reseller to have access to.
    #
    # As of writing, the following is a list of the available feature codes. More
    # may be added in the feature, in which case they will be listed in the main
    # csf readme.txt:
    #
    # USE – The reseller can use this facility through WHM (required)
    # UNBLOCK – The reseller can use the Quick Unblock feature
    # GREP – The reseller can use the Search IP feature
    # ALLOW – The reseller can use the Quick Allow feature
    # DENY – The reseller can use the Quick Deny feature
    #
    # For example, to allow reseller “someuser” to unblock IP addresses and have an
    # alert email sent to root, use:
    #
    #someuser:1:USE,UNBLOCK
    #
    # For example, to allow reseller “someuser” to allow, deny and unblock IP
    # addresses, but no alert sent, use:
    #
    #someuser:0:USE,ALLOW,DENY,UNBLOCK

  3. Add your line in the file and save it.
    reseller_username:1:USE,UNBLOCK,GREP,ALLOW

    In this case, you will allow access to reseller_username1 to search, unblock, and allow IPs. The root will also be notified of changes made by this reseller.
  4. The reseller will be able to access csf from WHM->Plugins->ConfigServer Security & Firewall. The interface will look like:
    csf resellers interface

Don’t forget to also enable access to csf in the reseller privileges.
# NOTE: As of version cPanel v11.8.1 you must additionally grant resellers
# access via “WHM > Edit Reseller Nameservers and Privileges > Third Party
# Services > ConfigServer Security & Firewall (Reseller UI)”.

Leave a Reply