With the High Load template for instance, there are set variables which don't seem to be documented.
This includes , , , , and however there doesn't seem to be a way to tweak them. For instance, we'd like to amend how ps is invoked (and likely include a 2nd copy of it, sorted differently), include iostat/sar reports and others.
How does one go about amending what the above variables...
I'm struggling to find any info on how to resolve it, other than removing RU from the CC_DENY list. I understand what the issue is, just don't know how to either remove/fix that entry in CC_RU.
Hi all,
I need help with Check Server Security configuration on cPanel VPS.
My VPS hosts mutliple Wordpress and various different Laravel CMS websites, along with some static content.
I need to know is it safe to do as Security says (disable) and will it impact my websites:
PHP Check
1. Check php for enable_dl or disabled dl()
2. Check php for disable_functions
I use Centos 7 and DirectAdmin have an issue with unblock adress IP. Validation recaptch works but adress IP still block.
In /home/csf/public_html/index.php file_put_contents doesn't work and unblock.txt and lfd_messenger.log don't create.
PHP Warning: file_put_contents(/home/csf/unblock.txt): failed to open stream: Permission denied in /home/csf/public_html/index.php on line 252PHP message:...
Hello, i want to know is this rule that i have wrote correct?
i mean that can we use source port and desteniation port after each other with same ip.
tcp|in|s=0_65535|s=x.x.x.x
tcp|in|d=(some specific ports)|s=x.x.x.x
Hi all,
I am rebuilding my infrastructure and those services facing the public, I am opting to use CSF instead of vanilla IPTables.
I am having a bit of an issue when CSF is active Bird2 is failing to work properly, I was wondering if anyone else has had this issue before and solved it.
The error I get is:
bird : ospf1: Socket error on enp6s0: Operation not permitted
I created an extremely simple wordpress plugin that creates log of failed login attempts, this way I can target only a brute force attack and not a webmaster login into several sites in an hour for normal work (this is a server with more than a thousand wordpress sites)
I can make the log any way I want, but so far I am appending a timestamp and the ip of the failed...
Just in the last 5 days or so i started to see our server IP addresses showing as listed in RBLs (Notably spamhaus.org lists)
This was weird because it was showing IPs that we are not actually using (sitting idle) as listed also
So i manually tested all the IPs at spamhaus.org and they are all clean.
I also started to get customers telling me that email to them has been rejected and returned...
Please help me understand.
For some reason CSF is blocking SNMP communication between my Monitoring system and the router. I have both IP addresses listed in csf.allow with nothing else on the line. Should that not allow full communication between the two? All other services are working fine.
Thanks.
Ahhhh. It would seem I was misunderstanding CC_ALLOW_FILTER, thinking it was essentially blocking all, but allowing in my case US. It seems that is not the case.
Let me please ask this follow up. Rather than me blocking quite a few CC codes specifically, since I understand that would create immense IP tables, is there any way to say block all except (in my case US) . Some folks may question this...
Hi there,
I have been struggling with finding out a reason, as to why on certain terminals on my office LAN which are using a Public Static IP address - I am unable to receive email from my Email server hosted on OS
CentOS v7.9.2009 STANDARD vmware
cPanel Version
106.0.9
I even tried to add it to the csf.allow, file so to skip its check and avoid blocking it BUT I haven't succeeded.
Now my server had configurated with permanent ban that IP after temporary ban 4 times. But I don't know the option which I can config to auto remove/unban/release permanent IP in csf.deny after seconds/minutes/hours/...
Hello, I have been using Configserver on WHM/Cpanel on CentOS for years and recently moved to a new server with WHM/Cpanel on CentOS.
The file csf.conf keeps getting overwritten with what appears to be a default configuration. I make changes and safe via the UI in WHM/CPanel or I make changes via SSH and Emacs. Either way, after some time the file is replaced with a 'default' csf.conf that...
I’ve a running CSF installation with messenger service on CloudLinux 8, I’ve migrated it from iptables to ipset to use blocklists, works wonderfully. But now I have a problem which I cannot solve: if I use the variable CC_MESSENGER_ALLOW and enter any country code or more then I can no longer reach the messenger (v3) page from a blocked IP. I have made sure that CSF recognizes my country...
After googling for some time and not finding anything on this problem I'm asking here for some help.
I've setup remote logging for rsyslog on debian 11 and when CSF / LFD ist enabled, I get the following error for rsyslog:
(changed URL inside of the error message because of limitations)
Oct 30 16:54:08 SERVER85 rsyslogd : action 'action-0-builtin:omfwd' suspended (module...
I cannot reproduce this on any other servers, but am not sure where to go with this. LFD is detecting brute forces fine and logs that it is blocking the IP:
Oct 28 17:06:44 dalgarno lfd : (sshd) Failed SSH login from 112.95.75.195 (CN/China/-): 5 in the last 300 secs - *Blocked in csf*
However, the IP does not end up in IPTABLES nor does an entry get written to /etc/csf/csf.deny
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum