After updating CSF to v7.0.3, i get error in DirectAdmin Control Panel/CSF: Permission denied .
Reinstall of CSF is the simple solution, but not the best.
Is there a good solution? Changing file or folder permissions for example?
Reinstall firewall gives opportunity for hacking..because:
1. No firewall is not good at all.
2. There is a few minutes time to hack your server. (FAST_START solves...
I have a client who has some mysterious old e-mail reference somewhere on their devices or on my server that is continuously looking for mail and being denied access and they keep getting blocked whenever their ip address changes as they travel.
Is it possible to configure CSF to ignore any time mysteryaddress@domain.com tries to connect for mail from any ip?
Ive just setup a new server and configured a HE IPv6 tunnel, and all outbound traffic is being blocked by CSF, even though I have all ports allowed on outbound.
# Allow outgoing TCP ports
TCP6_OUT = 0:65535
# Allow outgoing UDP ports
# To allow outgoing traceroute add 33434:33523 to this list
UDP6_OUT = 0:65535
I've added the tunnel server ipv4 address to csf.allow and can ping other ipv6...
Hello, We have been recently getting alerts for 0.0.0.0 (-/-/-) blocked with too many connections . This appears to be triggered by our CT_LIMIT=500 setting. suggests 0.0.0.0 is a meta IP for all system IP addresses, however, why would CSF block it's own systems IP addresses? The concern is should this be blocked and is there any adverse effect? Is there any action we should take?
I found that one entry in csf.blocklists (RBN) returns a 404 and I figured I'd disable the list. I even found some alternative rules by emerging threats.
The problem is that whenever I edit csf.blocklists, either using the WHM interface or via SSH, it seems to work at first and then after some time it just resets again. I can't comment out the line either.
One of our customers is having issues with a remote MX, so my plan was to block it on CSF, but every once in a while it gets cleared out due to the IP limit of the deny table.
How can I block that IP forever?
Also, is there a way to block domains using dyndns instead of just allowing them thru?
We're trying to build a Centos Gateway for our cloud host server. This is actually easier than I first thought with iptables using the following command to set-up NAT masquerading:
/sbin/iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
Having already set-up IP Forwarding, this command pretty much allows the guests to use the Centos Gateway to connect to the Internet...
Anyone else seeing a dramatic increase in ftp attacks on their servers from RU, KZ, UA, BR and BY over the past 24 hours. Typically the firewall blocks 4-5 IP's a day. In the past 24 hours it has thrown permanent blocks up over 800 different IP's from these countries on various servers I run.
Got to the point that I just ended up blocking the CC's.
I have CC_DENY = a few countries which are notorious for malicious traffic. However, I have clients who deal in these countries and their mail is interrupted by these rules. I have been manually adding the mailserver IPs, however, is there a working solution for allowing SMTP traffic through these rules?
Thanks
Hi,
One of my servers suffered a network blow dealt by a datacenter problem. Crashed several database tables, other assorted things.
In the WHM area when I click on the CSF link in the bottom left instead of the full interface I just get the icon and the header image in the right pane.
The firewall is working, I know because I blocked myself and had to log in to one of my other servers and flush...
I am trying to build a New Debian 8 (Jessie) Apache2 Server for a project. I would like to secure the Server as much as possible to keep risks level to a minimum, So far, I was able to install everything after several days of trial and error. Right now, I am at the Security level of my project and ran into some difficulties getting the Firewall to allow access to a few key...
Hi, can anybody clarify me will Cluster setup copy all settings from master server, or it is only for blocked/allowed IPs. Because I have large amount of servers and setup manual of CSF for every server and changing something is really slow ?
Is it possible to have different csf.conf files for different network interfaces? I can see in the csf file where i can specific what interfaces the csf.conf acts on, but what if i want different csf.conf rules and settings for different network interfaces?
After I installed csf (which comes with 115 deny rules) I was able to add only 2 additional ones of my own, for a total of 117.
You have an unresolved error when starting csf:
Error: The VPS iptables rule limit (numiptent) is too low (396/405) -
stopping firewall to prevent iptables blocking all connections, at line 3041 in /usr/sbin/csf
In theory, the solution seems to be straightforward:...
So, I moved to a new server and install the CSF firewall.
So, im busy transferring all the domains to that server. So, now this morning i try to login in the WHM, cPanel. But it says The connection timed out. Please try again.
Even I can't visit websites.
So, that's so annoying that its even block myself on the firewall.
So, my question is. Is there any configuration how to set this to...
After a recent cPanel update, I'm not getting as many LOCALRELAY events in my lfd logs.. None of the thresholds have changed and I know of a few times the system should have tripped that alert. So, has anyone else experienced this?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum