I have one question about CSF and WHMCS. We are using a free addon for WHMCS for clients to allow clients to unblock an IP that has been blocked on a cPanel server that is using CSF., without needed to open ticket etc.
On WHMCS for security reasons we have create API Tokens through WHM, so WHMCS would be able to create, suspend, terminate, delete accounts etc.
I have had CFS installed on one of my servers and it's been working great, but I keep running into problems where by if a client tries to access their email accounts from an IP other than the one they have been using normally, the IP address get blocked and they cannot access either their website or emails until I allow it on the server.
This has been happening for some time and I'm not...
I have a bunch of DirectAdmin servers that have modsecurity installed through custombuild 2.0. I can't get CSF to block the denials by modsecurity and would appreciate some help with this. Modsecurity is working according to the audit log but some of the attacks are rather heavy and blocking in the firewall is preferred.
I have some blocking rules set up in csf.blocklists including a paid API key for IPDB with a limit set to 100000 (one hundred thousand). Can you give me some general guidance on other blocks to allow for my server? it is a fairly large VPS with 8 GB of Ram.
I am running a server to provide DNS to my public IP subnet. I want the server to be able to get NTP, OS updates, send email, etc, but only allow incoming tcp/udp/53 from my public subnet. My goal is to block all incoming requests and only allow DNS requests incoming from my subnet 1.2.3.0/24.
Since by default it blocks all and only allows ports I open, I believe it have the ports configured...
I have really weird issue i installed csf to a new server. when user run pm2 to run node app. it runs successfully as soon as the user logout of the cpanel the process disappear.
kindly note that this only happen with cpanel user if i run the command with the root and log out it will work fine
Hi, Is there a way to permanently set up an email to receive warnings about firewall attacks or problems that could endanger the system?
I'm new to ConfigServer firewall & security, so I need to share your experience.
Thanks!
# An alternative to CC_ALLOW is to only allow access from the following
# countries but still filter based on the port and packets rules. All other
# connections are dropped
OS: AlmaLinux 8.5 cPanel 102.0.14
also using it with Proxmox Virtual Environment 7.2.
Debian 11.3 Bullseye but using a newer Linux kernel 5.15.30,
QEMU 6.2, LXC 4
If I were to create an external include file for the csf.deny that listed the IP addresses, would I need to restart the csf service every time the external file was modified?
I would like to use a security detection script that monitors traffic on the website to write an IP to the external csf deny include file. I'd rather not get into execution permissions from a script if possible.
I'm trying to figure out a way to add ip addresses to the csf.deny list by means of a php script.
My first approach was to directly write to csf.deny from my php script. But figured that it was better to use usr/sbin/csf -d x.x.x.x because the ip is then directly blocked.
But the above is not working.
Tried with shell_exec and some other commands too.
I'm running CSF on Centos 7.9 and in all of my domains I can receive emails from gmail in my webmail. Although from other providers like yahoo, outlook or iCloud I can not. Can someone please explain to me how to fix this?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum