For the last few weeks, every night around 10 PM I receive emails from my LFD:
Subject: lfd on XXX.XXX.COM: SYSLOG Check Failed
Time: Wed May 26 21:38:05 2021 -0400
Error: Failed to detect code in SYSLOG_LOG
SYSLOG may not be running correctly on XXX.XXX.XXX
Any ideas where I should start to look? I opened a ticket with cPANEL and they say that they use rsyslogd instead and that it...
Looks like one of my servers is not upgrading... and probably for a while.
Upgrading csf from v14.08 to 14.17...
Retrieving new csf package...
Unpacking new csf package...
sh: line 0: cd: /usr/src: No such file or directory
tar (child): csf.tgz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable:...
I can't explain why this is happening, but in recent weeks CSF has begun blocking outbound traffic to specific update servers for cPanel services. At first I thought it was all related to a forced server host name change by GoDaddy, but on further review it seems to be something else. The timing of it all just made it all suspect though.
I was wondering if CSF could get an option to send its signals to CrowdSec, and in return, the user would get the community blocklist associated with those signals.
CrowdSec supports custom signals, and by using CrowdSec, all CSF users would benefit from a tailor-made blocklist on signals from other CSF users and a global blocklist for global signals they...
I'd like to provide some feedback on the Server Check feature.
I've gotten scores up to around 95+ on all our WHM servers but I feel there are some items on there that aren't really bad conditionally. Obviously I've just been ignoring them so far as I understand why they can be ignored, though they could mislead other people.
For the last 24 hours or so, I've been getting e-mails saying that lfd failed to started due to a CHAIN_ADD failed (Device or resource busy) error. When I run the test iptables check in CSF inside WHM, it reports the following:
Testing ip_tables/iptable_filter...FAILED - Required for csf to function
Testing ipt_LOG...FAILED - Required for csf to function
Testing...
This started recently and I can't figure out what is causing it.
Hotmail, outlook, gmail, yahoo, client domains, configserver.com - with CSF enabled no mail is being received, but it appears all outbound email is working fine. If I disabled CSF all the mail starts coming in again.
I made no changes to CSF that would have caused this.
I have a GoDaddy dedicated VPS. At least 6 weeks ago, if not longer, GoDaddy began changing all server host name formats and retired the original format on Sept 15th.
Old format: ip-72-167-111.222-ip.secureserver.net
New format: 222.111.167.72.host.secureserver.net
And about 6 weeks ago I began experiencing problems where my server could no longer connect to outbound services like automated...
Recently we've started getting refused connections to other hosts from multiple servers, nothing is set to block these on the outbound server and a traceroute will follow the whole route bar the destination machine itself. As soon as CSF is turned off, connection can be established and traceroute completes; which would imply the server is blocking something this end thats necessary for...
Hello,
When messenger service is active, and specific subnet is blocked (in csf.deny), but one IP address of this subnet is whitelisted (in csf.allow), the user (whitelisted IP) is still being redirected to messenger service.
I think it because of IPSET chains order, messenger chain before allow chain.
hello, please advice
i have default settings, all working and 99% of clients can use ftp, but always i have 1% of clients who cannot login to ftp, no logs.
how i fix that> i add their ip to csf allow and to brute whitelist, then they able to login.
for example now clients from russia cannot login from different ips
Status: Finding an IP address for ftp.test.ee
Status: Connecting to...
i wish i could use the LF_NETBLOCK function of csf in directadmin. this function would allow me to have a list of really malicious ip while avoiding false positives. BFM works very well, but many users are blocked very often because they are unable to configure an email client. the function of CSF would help me to better manage the problem. afterwards, the generated list of csf.deny is sent...
For few days i have been receiving errors from users trying sending email to Gmail accounts that spf/dkim is not showing
than another domain that ptr is not working.
I have Assp Running so i tought that was the issue but after disabling ASSP Services the error Continued.
Than i Turn Off CSF and all emails started going trough so was happy but than 2 hrs later it started getting block again.......
Is there any special requirements for running CSF on cPanel / AWS EC2?
I installed CSF using the default installation instructions and once installed, I no longer had access to the server, cPanel urls or SSH. I had to manually uninstall csf through the AWS console.
Has anyone had experience running CSF on an AWS server?
We have monitoring set up to monitor /var/log/httpd/domains/*.log right now, but we would actually like to exclude one specific something.log file from that pattern. Is that possible somehow with the GLOB functionality that CSF is using here?
I installed csf on a fresh server, without cpanel or webmin, and I'm using it correectly. LFD seems to work fine, and the SMTP login failures part of csf too.
The problem is when activating the option:
LF_APACHE_404 = 100
LF_APACHE_404_PERM = 600
I receive a lot of 404 errors (maybe a DoS attack) but csf doesn't ban the ip.
How does csf blocks the ip? What criteria does csf...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum