I got all of the settings double checked to setup the CSF Cluster, I have all nodes sharing both send and receive and the firewalls are open on each, so when I cping test it comes back with pong, so communications is happening.
My test was to add an ip on a deny list and then check if that IP is on the deny list on all the servers in the cluster.
I added a comment as well, so I was...
I tried first installing CSF from the guideline provided on your website: but this created a huge problem for us. Our server was filled up with 60k+ processes like this:
I've read all post in internet about this. But not work.
After upgrade to Ubuntu 20.04.2 LTS CSF Firewall stop working.
Paths are correct, but still fails.
*Error* The path to iptables is either not set or incorrect for IPTABLES in /etc/csf/csf.conf at /usr/local/csf/lib/ConfigServer/URLGet.pm line 26.
Compilation failed in require at /usr/sbin/csf line 21.
BEGIN failed--compilation...
Hello, cpanel+cloudlinux -Getting an email from CSF about high Memcached usage -
Time: Sat Mar 18 20:02:15 2021 +0200
Account: memcached
Resource: Process Time
Exceeded: 3648865 > 1900 (seconds)
Executable: /usr/bin/memcached
Command Line: /usr/bin/memcached -u memcached -p 11211 -m 512 -c 1024 -l 127.0.0.1
PID: 12208 (Parent PID:12208)
Killed: No
after 2 days it grow to
Time: Mon Mar 20 01:00:15...
We have been using CSF on cPanel quite successfully for years and over the last couple of years, we have started using them on Virtualmin/Webmin servers as well. The difference we see is that while CSF is very well optimized for cPanel with lot of additional custom configuration like monitoring unwanted scripts, monitoring exim login attempts and blocking them if necessary, monitoring service...
my /usr/local/cpanel/logs/login_log is full of failed whm login attempts from ip addresses in verry strange countrys but it looks like the attackers know the defending mechanism against this type of attack because they stop after two failed attempts and a few hours hours later they try again.
I know this would be a working as designed status as my LF_CPANEL is set to 5 so it only...
Is the intended behavior that csf /lfd will only email upon the first WHM root access from the same IP within so many hours?
I'm trying to figure out why lfd only sent one email WHM/Cpanel root access alert when I logged in and out and then in again a few times to WHM. The cpanel login_log shows all three WHM logins, but lfd only emailed once and only logged the first whm login to...
In csf v14.09 when I have permanent deny rules in /etc/csf/csf.deny like the following:
tcp|in|d=1_65535|s=64.62.128.0/17 # do not delete
tcp|in|d=1_65535|s=64.71.32.0/19 # do not delete
tcp|in|d=1_65535|s=64.71.128.0/18 # do not delete
tcp|in|d=1_65535|s=64.90.32.0/19 # do not delete
tcp|in|d=1_65535|s=64.91.224.0/19 # do not delete
tcp|in|d=1_65535|s=64.225.0.0/17 # do not delete...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum