I use centos 5.10 32bit + cPanel 11.40.1 + WHMCS 5.3.3 on my VPS server. And my CSF is the newest v6.43. When I use Domain WHOIS Lookup in WHMCS admin panel, I get the warning message below: There was a problem connecting to the domain registry. Please check port 43 is open in your servers firewall. Error: 110 - Connection timed out
I try to use whois ip in ssh shell and get the message below:...
Hi
I've tried many ModSec attacks (SQL injections) on my server to see if the IP will be blocked but noting blocked.
I saw apache log, it contains all the attempts from my IP.
csf.conf contains:
I've got a server with multiple public-facing IPs, and I'd like certain services to only be bound on certain IPs. Services like SSH and FTP can simply be configured to only bind to a single interface, but I've got a couple stubborn ones that insist on binding to them all.
What I'm basically looking for is something like CSF's TCP_IN option, but address-specific. For example, connections to...
I recently decided to set PORTFLOOD for my Dedicated server (with WHM). So I input bellow values :
80;tcp;20;5, 443;tcp;20;5
The problem is that in none SSL sites Flood controlling work nicely but in HTTPS site not working!
I want to mention :
For the test, I keep F5 key in Firefox (home page of site) and load average of CENTOS 7 wll increase immediately in https website but for other...
I am using Cpanel on CENTOS 6.8 VMWare.
csf is set to auto update.
I could not find the upgrade logs for csf. But last week an issue began to happen.
My domian does not work with the www added when connecting from inside the same network as the VM / webserver.
When I test with csf disabled it works just fine.
I am assuming this was caused by an update?
I don't know how to fix it....
I get the below alert and I am used to getting these, but this one has been coming in 50 times a day for only one user/domain. How can i just remove this file or find out what is going on?
Time: Fri Nov 17 07:06:08 2017 -0500
File: /tmp/index.php
Reason: Script, file extension
Owner: usernamehere:usernamehere (1020:1022)
Action: No action taken
This has been a bug for a long time so I figured I'd make an account and report it.
Whenever CSF (re)starts it's supposed to execute /etc/csf/csfpost.sh.
However, it does not execute this file after auto-updating.
CSF Version: Every version over the past ~year at least, currently running csf: v11.05 (DirectAdmin)
Running on CentOS 7 with DirectAdmin.
Csftest shows no problems.
I'm getting recurring warnings from lfd dirwatch for this:
/tmp/libjansi-64-9053710114156324912.so
(Reason: Linux Binary )
This is apparently a legitimate library spawned by a user account running Minecraft Forge, so I'd like to suppress the warnings. I tried adding the following to csf.fignore:
/tmp/libjansi-.*\.so
Restarted and reloaded but I'm still getting the e-mails. Am I missing...
On one of our servers when running csf --rbl when I get the email it says:
RBL Check on web0.example.com: failures
Everyone of the IPs has all the RBLs listed in red with no other text. I've manually gone to each of the RBLs and checked the IP addresses and none of them are listed.
I'm thinking that the RBL check times out after a while and silently fails, then sends out the email with the...
On a normal web server where ports 80,443 are normally open to normal web traffic, we want to block a particularly nuisance IP range (for example 46.229.160.0/20) but allow access from an individual IP within that range (for example 46.229.160.1). Is this possible? It doesn't seem to be during my testing.
CSF periodically blocks an external SMTP server. I have to restart CSF and it will work again for a while. Simply restarting CSF is sufficient, I do not need to modify any configs.
Details:
1. I have SMTP_BLOCK disabled.
2. I am using an external SMTP server
3. I've whitelisted the IPs of that server in csf.allow.
4. It's similar to the topic SMTP_ALLOWUSER doesn't work intermittently, must...
I have tried this multiple times and it keeps failing. I know that it was working a couple of years ago.
In WHM > Plugins > ConfigServer Security & Firewall
I have edited csf.resellers thusly:
# For example, to allow reseller someuser to unblock IP addresses and have an
# alert email sent to root, use:
#
#someuser:1:USE,UNBLOCK
username:1:USE,ALLOW,UNBLOCK
#
In WHM > Resellers > Edit Reseller...
I'm using csf with cPanel and so as we offer free webhosting and paid we've setup 2 network nics eth0 and eth1
eth0 - Which is default and primary, is used for free clients and has been limited to 80-100MB/s internet speed,
eth1 - Isn't limited it is just for paid clients.
Due to abuses i was forced to do this so now while setting this up i had some problems with port...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum