Enable reseller access to CSF

If you are using the csf(ConfigServer Security & Firewall) on your cPanel server you can allow your resellers to use a few functions of it.

To enable reseller access to csf do:

1. Open the /etc/csf/csf.resellers file. You can do this via the csf plugin interface (Edit Reseller Privs button) or from the command line using a tool like nano

csf resellers1

Read the info in the file

# You should list each account, one per line, followed by a colon, then a 0 or
# 1 depending on whether you want an email alert sent using the email template
# reselleralter.txt whenever an ALLOW/DENY or UNBLOCK is performed, then a
# colon, then a comma separated list of the feature codes that you want each
# reseller to have access to.
#
# As of writing, the following is a list of the available feature codes. More
# may be added in the feature, in which case they will be listed in the main
# csf readme.txt:
#
# USE – The reseller can use this facility through WHM (required)
# UNBLOCK – The reseller can use the Quick Unblock feature
# GREP – The reseller can use the Search IP feature
# ALLOW – The reseller can use the Quick Allow feature
# DENY – The reseller can use the Quick Deny feature
#
# For example, to allow reseller “someuser” to unblock IP addresses and have an
# alert email sent to root, use:
#
#someuser:1:USE,UNBLOCK
#
# For example, to allow reseller “someuser” to allow, deny and unblock IP
# addresses, but no alert sent, use:
#
#someuser:0:USE,ALLOW,DENY,UNBLOCK

2. Add your line in the file and save it.

reseller_username:1:USE,UNBLOCK,GREP,ALLOW

In this case, you will allow access to reseller_username1 to search, unblock, and allow IPs. The root will also be notified of changes made by this reseller.

3. The reseller will be able to access csf from WHM->Plugins->ConfigServer Security & Firewall. The interface will look like this:

Don’t forget to also enable access to csf in the reseller privileges.
# NOTE: As of version cPanel v11.8.1 you must additionally grant resellers
# access via “WHM > Edit Reseller Nameservers and Privileges > Third Party
# Services > ConfigServer Security & Firewall (Reseller UI)”.

Leave a Reply