ConfigServer Community Forum

i have tried to set cc deny country port and cc deny pirt tcp in csf.
i want to block china from accessing my pop and smtp server for hacking it. But i want to allow email that is sent from china can arrive to my server because my customer has business with china company. How can do that? I put 22,25,110,465,993,995,143,587 in cc deny port tcp. Buat it makes email that is sent from china got...

Hello, thanks for the great work you did to make all this effort on this awesome firewall.
Today i changed the default SSH port from 22 to 2022 on my vps, opened it in TCP_IN TCP_OUT but i saw in the CSF that it still says 22 as the SSH port. Is that a problem ?

Steps i took for the change:
1. Edited /etc/ssh/sshd_config and changed the port 22 to 2022 and deleted the #
2. Restarted SSHD...

Hello,
i'm a few servers with webmin and when i install csf firewall and own module in some server i see a page with css of authentic theme , like this

in other server i see a page with default css of csf firewall (similar in cpanel) like this

how i change first view and use second view (default css firewall (similar in cpanel) also in webmin.

Thank you

Ale

Hey, my lfd wont start, this is on a new server im just setting up.

The log is

lfd.service - ConfigServer Firewall & Security - lfd
Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2018-08-03 08:54:33 AEST; 9s ago
Process: 11216 ExecStart=/usr/sbin/lfd (code=exited, status=25)

Aug 03 08:54:33...

On a clean CentOS 7.5 install, after installing CSF, going to:

Webmin > Webmin Configuration > Webmin Modules >
From local file > /usr/local/csf/csfwebmin.tgz > Install Module

Just hangs after clicking the Install Module button.

I've even tried uninstalling CSF, reinstalling, then trying again - but I get the same thing.

Any ideas what might be going on?

(CSF is in testing mode - does...

Is it possible to centrally manage CSF on multiple servers on one server. i.e. sending commands, scripts from one server to others.

Thanks

After a fresh install of csf, I'm getting this error while trying to start

Jun 07 11:17:27 mail.aria systemd : Starting ConfigServer Firewall & Security - lfd...
Jun 07 11:17:27 mail.aria lfd : Can't use an undefined value as a symbol reference at /usr/sbin/lfd line 7186.
Jun 07 11:17:27 mail.aria systemd : lfd.service: Control process exited, code=exited status=25
Jun 07 11:17:27 mail.aria...

General info:
Fresh installations, no other firewall running
Linux Debian 9.3 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux
CSF/LFD version 11.05 or 11.06

Config file excerpt:
LF config from /etc/csf/csf.conf

LF_DAEMON = 1
LF_CSF = 1
LF_TRIGGER = 0
LF_TRIGGER_PERM = 1
LF_SELECT = 0
LF_EMAIL_ALERT = 1
LF_SSHD = 5
LF_SSHD_PERM = 1
LF_FTPD = 10
LF_FTPD_PERM = 1...

Hi, I'm restarting CSF with csf -r command but this error showed for me :

Error: csf is being restarted, try again in a moment: Resource temporarily unavailable at /usr/sbin/csf line 175.

help me

Hello guys,

Recently one of my shared servers received several hits from 2 or 3 IP addresses, these hits increased server load average to a huge number, I will paste the output kernel messages I got at the console while under this attack, what csf option would help me prevent this kind of attack? (ports 585 and 1270 are not allowed under tcp in csf configuration option):

Jul 3 18:58:34 gilmour...

Hello and sorry for this post, (i am sure there are 278527465283475682 related posts in here about my problem)

i've searched in here to find a solution to my problem but i have raised my hands up in the air and i can't figure out a soluttion... !

email server: exim
cpanel latest updated version
centos-6-x86_64
csf latest updated version

with csf enabled, i have problem with the mails... i...

I had a Joomla site hacked last night, they relayed some emails. Trying to figure out how they got in. Looks like they used sendmail. Here are the CSF notifications (without actual domain name or email addresses). The configuration.php file referred to as possible script is the Joomla file last updated 2016. Don't think that was part of issue, but they probably used it to pull the title of the...

Hello,

Thank you for this great product.

How can I block a series of countries but ONLY their web traffic?

E.g. block DE, HU, RU but still allow emails to come through?

Many thanks in advance.

Is there any plans to intergrate csf to work with firewalld/ufw and systemd? With more os's switching over, wouldn't it be ideal?

Hello

I have a very weird problem on a server which has CSF/LFD installed. For long CSF/LFD just worked very fine. But today, while watching some logs, I noticed that countries which are in CC_DENY were not blocked anymore.
Trying to understand this problem, I 1st blamed GeoIP. but no, GeoIP data is updated and my geoiplookup responses are correct.
Then, to my surprise, I think I found out why...

According to WHM > ConfigServer Security & Firewall > Check Server Security it shows:

Firewall Check
iptables is not configured. You need to start csf

But within CSF config I have it set us IPSET which is installed.

ipset v6.19, protocol version: 6

I've tried restarting CSF but still when I go to Check Server Security it still shows:

iptables is not configured. You need to start csf...

Hello,

In our WHM (CPanel) lfd service is down (after we have root partition full problem, few days ago)
As soon as fix the partition (free up some space) problem, lfd didnt start up and we cannot start it out yet.

At lfd.log file we have only this error (repeatable):

Apr 13 15:37:16 cpanel1 lfd : *Error* LF_DAEMON not enabled in /etc/csf/csf.conf, at line 82
Apr 13 15:37:16 cpanel1 lfd :...

Hi,

I receive this emails from ldf and I don't know how to disable them because I don't know what trigger the email to be send.
Any idea how to find out?

Time: Fri May 25 12:49:28 2018 +0300
IP: 40.117.209.45 (US/United States/-)
Temporary Blocks: 5

Temporary blocks that triggered the permanent block:
Thu May 24 18:00:14 2018 40.117.299.455
Thu May 24 20:40:52 2018 40.117.299.455
Thu May 24...

This morning I received an email with error output from a cron job which ran the command /usr/sbin/csf -u

Upgrading csf from v12.03 to 12.04...
Retrieving new csf package...
...5%

Unpacking new csf package...

gzip: stdin: unexpected end of file
tar: Unexpected EOF in archive
tar: Unexpected EOF in archive
tar: Error is not recoverable: exiting now
sh: install.sh: No such file or directory...

I recently started receiving email notifications about Excessive resource usage by mysqld_safe. I did some forum research and couldn't find the root cause of that. Everyone has suggested to disable the notifications by modifying /etc/caf/csf.pignore file.

At the same time, I have also been receiving email notifications every time I log in via SSH or cPanel / WHM. Does anyone know what's causing...