Control server access using hosts.allow and hosts.deny files
What are hosts.allow and hosts.deny files?
The /etc/hosts.allow file specifies IP addresses that are allowed to connect to the server. It can be used in conjunction with the /etc/hosts.deny file. The /etc/hosts.deny file can be used to deny connection attempts from IP addresses, hostnames or domains. Both files can limit connections to a single service (like SSH) or all connections.Examples:
ALL : 220.127.116.11 : deny #All connections denied from IP sshd : 10.1.2.3 : allow #SSH connections allowed from IP
When are they used?
We recommend using a firewall to control server access rather than relying primarily on hosts.allow and hosts.deny files. However, if the installed firewall should fail for any reason, these files offer an additional line of defense.
Your control panel may have features that will make changes to these files directly. For example, tools like WHM's Host Access Control will write rules to the /etc/hosts.allow file.
How can I view them on my server?
The hosts.allow and hosts.deny files will only be viewable using SSH or the Terminal feature in WHM.