CSF has port 22 listed for TCP_IN, what is blocking certain IPs?

I went through my whole csf config, and unless I'm missing something it's not treated or listed any differently than port 80, although it blocks all IPs that are not white listed. Port 80 will allow any IP address regardless.

Is blocking IPs for port 22 hardcoded into csf? I'm trying to understand. I've read that CSF blocks everything by default, but then how is port 80 open to every IP without specifying "every IP" anywhere?

What is blocking IPs to port 22? Where is that configured, if it's not in the config?

CSF won't block everything by default. First, I recommend trying to make a quick allow to see if it works. Port 22 is used by SSH, and won't come blocked as far as I know.

First test:

Just add your IP to the csf.allow file, and then, restart csf using csf -r

Then see if it works. If it does, that means it's a config problem in your csf. If it doesn't work, that means that there is something wrong outside csf.

The correct csf config to allow port 22 (SSH) traffic is:

TCP_IN = 20,21,22,25,37,43,53,80,110,113,443,587,873,993,995,1167,2086,2087,2089,2703,5666,64413

TCP_OUT = 20,21,22,25,37,43,53,80,110,113,443,587,873,993,995,1167,2086,2087,2089,2703,5666,64413

This way port 22 should be enabled. Make sure to restart csf using csf -r or even csf -e to enable it.