{"id":13625,"date":"2019-11-27T18:41:36","date_gmt":"2019-11-27T11:41:36","guid":{"rendered":"https:\/\/www.rumahweb.com\/journal\/?p=13625"},"modified":"2026-05-12T21:57:25","modified_gmt":"2026-05-12T14:57:25","slug":"setting-port-melalui-firewall-csf-cpanel-agar-bisa-diakses-dari-ip-tertentu","status":"publish","type":"post","link":"https:\/\/www.rumahweb.com\/journal\/setting-port-melalui-firewall-csf-cpanel-agar-bisa-diakses-dari-ip-tertentu\/","title":{"rendered":"Setting Port Melalui Firewall CSF cPanel Agar Bisa Diakses Dari IP Tertentu"},"content":{"rendered":"\n<p>Dalam pengelolaan server berbasis cPanel\/WHM, keamanan jaringan menjadi salah satu aspek yang sangat penting. Salah satu metode yang sering digunakan administrator server untuk meningkatkan keamanan adalah membatasi akses port hanya untuk IP tertentu menggunakan firewall CSF (ConfigServer Security &amp; Firewall).<\/p>\n\n\n\n<p>Dengan konfigurasi ini, port tertentu tidak dapat diakses publik dan hanya IP yang diizinkan saja yang dapat melakukan koneksi. Metode ini sangat efektif untuk mengurangi risiko serangan brute force, scanning port, maupun akses tidak sah ke layanan server. <\/p>\n\n\n\n<p>Artikel ini akan membahas cara setting port melalui firewall CSF agar hanya dapat diakses dari IP tertentu pada server cPanel\/WHM lengkap dengan contoh konfigurasi, pengecekan, hingga troubleshooting.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Apa Itu CSF Firewall?<\/h2>\n\n\n\n<p>CSF atau ConfigServer Security &amp; Firewall merupakan firewall populer pada server Linux yang banyak digunakan pada cPanel\/WHM. Selain berfungsi sebagai firewall, CSF juga menyediakan fitur keamanan tambahan seperti: <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Login Failure Daemon (LFD) <\/li>\n\n\n\n<li>Proteksi brute force <\/li>\n\n\n\n<li>Blocking IP otomatis <\/li>\n\n\n\n<li>Port filtering <\/li>\n\n\n\n<li>Country blocking <\/li>\n\n\n\n<li>Connection tracking <\/li>\n<\/ul>\n\n\n\n<p>CSF menjadi pilihan utama karena mudah dikonfigurasi dan terintegrasi langsung dengan WHM.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Kapan Perlu Membatasi Port Berdasarkan IP?<\/h2>\n\n\n\n<p>Beberapa kondisi yang umum menggunakan konfigurasi ini antara lain:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Membatasi akses SSH hanya untuk IP kantor <\/li>\n\n\n\n<li>Mengamankan port database MySQL\/MariaDB <\/li>\n\n\n\n<li>Membuka akses aplikasi internal hanya untuk developer tertentu <\/li>\n\n\n\n<li>Membatasi akses custom application port <\/li>\n\n\n\n<li>Mengamankan panel monitoring atau backup server<\/li>\n<\/ul>\n\n\n\n<p>Sebagai contoh, port SSH sebaiknya tidak dibuka ke publik karena berpotensi menjadi target brute force maupun eksploitasi.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Cara Setting Port CSF Agar Hanya Bisa Diakses IP Tertentu<\/h2>\n\n\n\n<p>Setting port pada CSF agar hanya bisa diakses dari IP tertentu bisa dilakukan melalui dua cara yaitu ssh dan WHM. Berikut caranya : <\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Melalui SSH<\/h3>\n\n\n\n<p>1. Login ke Server melalui SSH<\/p>\n\n\n\n<p>Login SSH ke server menggunakan user root. Cara loginnya bisa dilihat pada panduan <a href=\"https:\/\/www.rumahweb.com\/journal\/cara-login-vps-ssh\/\" target=\"_blank\" rel=\"noopener\" title=\"\">Cara Login VPS Melalui Koneksi SSH<\/a><\/p>\n\n\n\n<p>2. Edit File Konfigurasi CSF Allow<\/p>\n\n\n\n<p>Buka file csf.allow menggunakan editor seperti nano atau vim<\/p>\n\n\n\n<p>nano \/etc\/csf\/csf.allow<\/p>\n\n\n\n<p>3. Tambahkan Rule Port dan IP<\/p>\n\n\n\n<p>Format konfigurasi:<\/p>\n\n\n\n<p>tcp\/udp|in\/out|s\/d=port,port,\u2026|s\/d=ip<\/p>\n\n\n\n<p>Contoh rule untuk mengizinkan koneksi TCP masuk ke port 22 (SSH) hanya dari IP 192.168.1.10 :<\/p>\n\n\n\n<p>tcp|in|d=22|s=192.168.1.10<\/p>\n\n\n\n<p>Penjelasannya :<br \/>tcp : protocol TCP<br \/>in : koneksi masuk<br \/>d=22 : port tujuan 22<br \/>s=192.168.1.10 : hanya IP tersebut yang diizinkan<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow.png\"><img loading=\"lazy\" decoding=\"async\" width=\"812\" height=\"487\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow.png\" alt=\"edit csf allow menggunakan nano\" class=\"wp-image-64357\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow.png 812w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow-300x180.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow-768x461.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow-370x222.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow-270x162.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow-570x342.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/nano-csf-allow-740x444.png 740w\" sizes=\"auto, (max-width: 812px) 100vw, 812px\" \/><\/a><\/figure>\n\n\n\n<p>Contoh Konfigurasi Lain :<\/p>\n\n\n\n<p>Membuka Port remote database Untuk Satu IP<br \/>tcp|in|d=3306|s=103.10.20.30<\/p>\n\n\n\n<p>Membuka Port NodeJS 3000 Untuk Jaringan Kantor<br \/>tcp|in|d=3000|s=36.80.10.0\/24<\/p>\n\n\n\n<p>Membuka Port Remote MySQL Untuk Dua IP<br \/>tcp|in|d=3306|s=1.1.1.1<br \/>tcp|in|d=3306|s=2.2.2.2<\/p>\n\n\n\n<p>4. Pastikan port yang dibatasi tidak di open di CSF<\/p>\n\n\n\n<p>Caranya untuk case membatasi koneksi masuk ke port 22, pastikan port 22 sudah dihapus dari TCP_IN di file \/etc\/csf\/csf.conf<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN.png\"><img loading=\"lazy\" decoding=\"async\" width=\"954\" height=\"339\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN.png\" alt=\"menghapus port dari TCP_In csf cPanel\" class=\"wp-image-64377\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN.png 954w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN-300x107.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN-768x273.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN-370x131.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN-270x96.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN-570x203.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/port-22-di-TCP-IN-740x263.png 740w\" sizes=\"auto, (max-width: 954px) 100vw, 954px\" \/><\/a><\/figure>\n\n\n\n<p>Pada contoh diatas, port 22 masih masuk dalam Allow incoming TCP Ports, silahkan dihapus lebih dulu.<\/p>\n\n\n\n<p>5. Restart CSF Firewall<\/p>\n\n\n\n<p>Simpan konfigurasi yang sudah dibuat kemudian restart CSF menggunakan perintah :<\/p>\n\n\n\n<p>csf -r<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Melalui WHM<\/h3>\n\n\n\n<p>1. Login WHM <\/p>\n\n\n\n<p>Login ke WHM mengikuti panduan <a href=\"https:\/\/www.rumahweb.com\/journal\/cara-login-whm\/\" target=\"_blank\" rel=\"noopener\" title=\"Cara Login WHM Pada VPS cPanel\">Cara Login WHM Pada VPS cPanel<\/a><br \/><br \/>2. Masuk menu ConfigServer Security &amp; Firewall<\/p>\n\n\n\n<p>Setelah login WHM, kemudian masuk ke menu &#8220;WHM &gt; Plugins &gt; ConfigServer Security &amp; Firewall&#8221; <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall.png\"><img loading=\"lazy\" decoding=\"async\" width=\"961\" height=\"634\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall.png\" alt=\"menu ConfigServer Security &amp; Firewall\" class=\"wp-image-64360\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall.png 961w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall-300x198.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall-768x507.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall-370x244.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall-270x178.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall-570x376.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/menu-configserver-security-firewall-740x488.png 740w\" sizes=\"auto, (max-width: 961px) 100vw, 961px\" \/><\/a><\/figure>\n\n\n\n<p>3. Klik menu \u201cFirewall Allow IPs\u201d <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips.png\"><img loading=\"lazy\" decoding=\"async\" width=\"967\" height=\"624\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips.png\" alt=\"Firewall Allow IPs CSF\" class=\"wp-image-64363\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips.png 967w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips-300x194.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips-768x496.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips-370x239.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips-270x174.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips-570x368.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-allow-ips-740x478.png 740w\" sizes=\"auto, (max-width: 967px) 100vw, 967px\" \/><\/a><\/figure>\n\n\n\n<p>4. Tambahkan Rule<\/p>\n\n\n\n<p>Tambahkan rule Port dan IP yang digunakan. Untuk formatnya sama ketika menambahkan melalui ssh<\/p>\n\n\n\n<p>tcp\/udp|in\/out|s\/d=port,port,\u2026|s\/d=ip<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf.png\"><img loading=\"lazy\" decoding=\"async\" width=\"965\" height=\"760\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf.png\" alt=\"edit csf.allow dari whm\" class=\"wp-image-64364\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf.png 965w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf-300x236.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf-768x605.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf-370x291.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf-270x213.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf-570x449.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/rule-firewall-csf-740x583.png 740w\" sizes=\"auto, (max-width: 965px) 100vw, 965px\" \/><\/a><\/figure>\n\n\n\n<p>Setelah menambahkan rule, scroll ke bawah dan klik tombol &#8220;Change&#8221;<\/p>\n\n\n\n<p>5. Pastikan port tidak open di Firewall Configuration<\/p>\n\n\n\n<p>Caranya masuk menu Firewall Configuration<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf.png\"><img loading=\"lazy\" decoding=\"async\" width=\"959\" height=\"436\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf.png\" alt=\"Firewall Configuration csf cPanel\" class=\"wp-image-64379\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf.png 959w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf-300x136.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf-768x349.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf-370x168.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf-270x123.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf-570x259.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/firewall-configuration-csf-740x336.png 740w\" sizes=\"auto, (max-width: 959px) 100vw, 959px\" \/><\/a><\/figure>\n\n\n\n<p>Untuk case membatasi koneksi masuk ke port 22, hapus port 22 dari TCP_IN<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf.png\"><img loading=\"lazy\" decoding=\"async\" width=\"967\" height=\"355\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf.png\" alt=\"hapus port dari TCP_IN whm\" class=\"wp-image-64378\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf.png 967w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf-300x110.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf-768x282.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf-370x136.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf-270x99.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf-570x209.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hapus-port-dari-csf-740x272.png 740w\" sizes=\"auto, (max-width: 967px) 100vw, 967px\" \/><\/a><\/figure>\n\n\n\n<p>Setelah port dihapus, scroll ke bawah dan klik tombol &#8220;Change&#8221;<\/p>\n\n\n\n<p>6. Simpan dan restart csf<\/p>\n\n\n\n<p>Simpan konfigurasi dengan klik tombol Change, kemudian klik tombol Restart csf+lfd<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd.png\"><img loading=\"lazy\" decoding=\"async\" width=\"963\" height=\"441\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd.png\" alt=\"restart csf dan lfd\" class=\"wp-image-64365\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd.png 963w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd-300x137.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd-768x352.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd-370x169.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd-270x124.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd-570x261.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/restart-csf-dan-lfd-740x339.png 740w\" sizes=\"auto, (max-width: 963px) 100vw, 963px\" \/><\/a><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Cara Memastikan Port Tidak Terbuka Publik<\/h2>\n\n\n\n<p>Setelah rule firewall diterapkan, langkah berikutnya yang tidak kalah penting adalah memastikan bahwa port tersebut benar-benar hanya dapat diakses oleh IP yang telah diizinkan. <\/p>\n\n\n\n<p>Proses verifikasi ini bertujuan untuk memastikan konfigurasi CSF berjalan dengan benar dan tidak ada celah keamanan yang menyebabkan port masih terbuka ke publik.<\/p>\n\n\n\n<p>Terdapat beberapa metode yang dapat digunakan untuk melakukan pengujian akses port, mulai dari telnet, netcat (nc), hingga scanning menggunakan nmap. <\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Cara cek Menggunakan Telnet <\/strong><\/h3>\n\n\n\n<p>Berikut perintah telnet untuk melakukan koneksi ke port 22 <\/p>\n\n\n\n<p>telnet ip-server 22 <\/p>\n\n\n\n<p>Berikut screenshot ketika tes menggunakan telnet dari ip yang di allow<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil.png\"><img loading=\"lazy\" decoding=\"async\" width=\"953\" height=\"252\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil.png\" alt=\"perintah telnet yang berhasil\" class=\"wp-image-64368\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil.png 953w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil-300x79.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil-768x203.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil-370x98.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil-270x71.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil-570x151.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-berhasil-740x196.png 740w\" sizes=\"auto, (max-width: 953px) 100vw, 953px\" \/><\/a><\/figure>\n\n\n\n<p>Berikut screenshot ketika tes menggunakan telnet dari ip selain yang di allow<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal.png\"><img loading=\"lazy\" decoding=\"async\" width=\"970\" height=\"124\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal.png\" alt=\"perintah telnet yang gagal\" class=\"wp-image-64369\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal.png 970w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal-300x38.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal-768x98.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal-370x47.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal-270x35.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal-570x73.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/hasil-telnet-yang-gagal-740x95.png 740w\" sizes=\"auto, (max-width: 970px) 100vw, 970px\" \/><\/a><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Cara cek Menggunakan Netcat (nc) <\/strong><\/h3>\n\n\n\n<p>nc -zv ip-server 22<\/p>\n\n\n\n<p>Berikut screenshot pengecekan port menggunakan Netcat<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc.png\"><img loading=\"lazy\" decoding=\"async\" width=\"973\" height=\"155\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc.png\" alt=\"perintah netcat untuk cek port\" class=\"wp-image-64370\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc.png 973w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc-300x48.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc-768x122.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc-370x59.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc-270x43.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc-570x91.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nc-740x118.png 740w\" sizes=\"auto, (max-width: 973px) 100vw, 973px\" \/><\/a><\/figure>\n\n\n\n<p>Dari screenshot diatas terlihat perbedaan antara koneksi yang berhasil (atas) dan gagal (bawah).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Scan Menggunakan Nmap <\/strong><\/h3>\n\n\n\n<p>nmap -p 22 ip-server <\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><a href=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap.png\"><img loading=\"lazy\" decoding=\"async\" width=\"973\" height=\"449\" src=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap.png\" alt=\"perintah nmap untuk scan port\" class=\"wp-image-64371\" srcset=\"https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap.png 973w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap-300x138.png 300w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap-768x354.png 768w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap-370x171.png 370w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap-270x125.png 270w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap-570x263.png 570w, https:\/\/www.rumahweb.com\/journal\/wp-content\/uploads\/2019\/11\/tes-nmap-740x341.png 740w\" sizes=\"auto, (max-width: 973px) 100vw, 973px\" \/><\/a><\/figure>\n\n\n\n<p>Dari screenshot diatas terlihat perbedaan antara koneksi yang berhasil (atas) dan gagal (bawah).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Cara Menghapus Rule Firewall<\/h2>\n\n\n\n<p>Dalam beberapa kondisi, administrator server mungkin perlu menghapus rule firewall yang sebelumnya telah ditambahkan. Misalnya ketika:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IP client sudah tidak digunakan<\/li>\n\n\n\n<li>Terjadi perubahan IP publik<\/li>\n\n\n\n<li>Port tidak lagi dipakai<\/li>\n\n\n\n<li>Ingin menutup kembali akses layanan tertentu<\/li>\n\n\n\n<li>Salah memasukkan rule firewall<\/li>\n<\/ul>\n\n\n\n<p>Menghapus rule yang sudah tidak diperlukan sangat disarankan untuk menjaga konfigurasi firewall tetap rapi dan meminimalkan potensi celah keamanan pada server.<\/p>\n\n\n\n<p>Sebelum menghapus rule, pastikan Anda tidak sedang terhubung menggunakan IP yang akan dihapus, terutama jika rule tersebut digunakan untuk akses SSH. Kesalahan penghapusan rule SSH dapat menyebabkan akses ke server terblokir.<\/p>\n\n\n\n<p>Untuk keamanan tambahan, disarankan membuka session SSH cadangan sebelum melakukan perubahan firewall sehingga akses server tetap tersedia apabila terjadi kesalahan konfigurasi.<\/p>\n\n\n\n<p>1. Edit kembali file:<\/p>\n\n\n\n<p>nano \/etc\/csf\/csf.allow<\/p>\n\n\n\n<p>2. Hapus rule terkait<\/p>\n\n\n\n<p>3. Restart CSF:<\/p>\n\n\n\n<p>Restart CSF menggunakan perintah : csf -r<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">FAQ<\/h2>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>Apakah konfigurasi ini aman?<\/summary>\n<p>Ya, karena hanya IP tertentu yang dapat mengakses port sehingga permukaan serangan menjadi lebih kecil. <\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>Apakah bisa membuka akses untuk subnet? <\/summary>\n<p>Bisa menggunakan format CIDR seperti: 192.168.1.0\/24 <\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>Apakah support IPv6?<\/summary>\n<p>Ya, CSF mendukung IPv6 dengan format rule IPv6. <\/p>\n<\/details>\n\n\n\n<details class=\"wp-block-details is-layout-flow wp-block-details-is-layout-flow\"><summary>Apakah perlu restart server?<\/summary>\n<p>Tidak perlu. Cukup restart layanan CSF menggunakan: csf -r<\/p>\n<\/details>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Kesimpulan<\/h2>\n\n\n\n<p>Membatasi akses port menggunakan firewall CSF berdasarkan IP tertentu merupakan salah satu langkah keamanan penting pada server cPanel\/WHM. Selain membantu mengurangi risiko serangan dari internet publik, metode ini juga menjaga layanan sensitif seperti SSH, database, maupun aplikasi internal tetap aman.<\/p>\n\n\n\n<p>Dengan konfigurasi yang tepat, administrator server dapat mengontrol siapa saja yang diperbolehkan mengakses layanan tertentu tanpa harus membuka port secara global ke internet.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Dalam pengelolaan server berbasis cPanel\/WHM, keamanan jaringan menjadi salah satu aspek yang sangat penting. Salah satu metode yang sering digunakan administrator server untuk meningkatkan keamanan adalah membatasi akses port hanya untuk IP tertentu menggunakan firewall CSF (ConfigServer Security &amp; Firewall). Dengan konfigurasi ini, port tertentu tidak dapat diakses publik dan hanya IP yang diizinkan saja [&hellip;]<\/p>\n","protected":false},"author":325,"featured_media":9062,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2,695],"tags":[18,1086,319],"class_list":{"0":"post-13625","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-artikel-tutorial","8":"category-cpanel","9":"tag-cpanel","10":"tag-csf","11":"tag-ssh"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/posts\/13625","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/users\/325"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/comments?post=13625"}],"version-history":[{"count":9,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/posts\/13625\/revisions"}],"predecessor-version":[{"id":64383,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/posts\/13625\/revisions\/64383"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/media\/9062"}],"wp:attachment":[{"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/media?parent=13625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/categories?post=13625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rumahweb.com\/journal\/wp-json\/wp\/v2\/tags?post=13625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}