ConfigServer Community Forum

Hello.
I use csf on Debian 10.
/lib/systemd/systemd-timesyncd added to /etc/csf/csf.pignore by default. But I periodically receive mail about Excessive resource usage: systemd-timesync . Please help resolve problem.

Good morning,

I'm at this time writting an update script and wish to integrate CSF update inside this update script. Is there a way to check updates of CSF throught a BASH script?

As of today 31 Jan 2021 nearly all incoming mail is getting rejected because the sending mail servers are in an RBL.
And adding to the disable/enable file /etc/csf/csf.rblconf ( example) disablerbl:dnsbl-3.uceprotect.net isn't working either.
Any suggestions? Is there a RBL that's missconfigured?

Hello,

I am having trouble with this. Please can someone help me with the custom Regex. I tried to whitelist user in pignore, but not working. Basically I dont want these suspicious file notices as they are false positive, so I need a regex or to know how to whitelist this user:...

We have dedicate server and which centos with cpanel and multiple domains hosted on it

Our dedicate ip is 95.216.42.246

We have installed csf firewall on it

We are getting issue since 2 weeks

our ip get blacklisted again again

on CBL and spamhaus and they give reason as given below

Technical details of the matsnu detection

This was detected by a tcp connection from 95.216.42.246 on port...

I apply the ports I want to open and, when restarting CSF, it opens all ports:

TCP_IN =
1:65535

Has anyone here created a PHP script in order to blacklist IP addresses in CSF to the Sucuri blacklist using their API as can be done with Cloudflare?

Is it possible to redirect all blocked ips to a new address liked siteaddress.com/blocked to notify if a user is being blocked.

I get a lot of clients who get blocked due to incorrect email login attempts so would like to show the users they've been blocked instead of the sites showing a 500 error.

Hi guys

I recently started up my first AWS EC2 instance, installed WHM/cPanel and migrated a few sites across. All going great, sites running perfectly and emails going in and out. Installed Configserver and suddenly my mail stopped sending.

Took me 2 days to actually realise it wasn't sending, when I looked in to it I found after several hours that the sending port (465) wasn't being allowed...

Hello ALL,
I use CSF many years and have created many custom rules based on - but very first time I've met a problem what I can't understand - because everything looks correct - but does not work.

1) I have created a custom log file what is producing by BASH script adding lines like
printf BadIP 212.3.197.165\n >> /var/log/blacklist.log
So BLACKLIST.LOG is very simple and looks like
BadIP...

Hello

Is there a way a bulk IP POP3 or imap will IP's will be allowed? I tried IP like this (for example only)
123.45.0.0/24 # csf.allow

then I saw some IP IN csf.deny
123.45.111.222 # lfd: (pop3d) Failed POP3 login from 123.45.111.222

can somebody explain to me why is this happening?
how can I make this work?
May I know if my bulk IP allow is correct declared?

Ran into an odd issue today, CSF was reporting that it couldn't restart. This was the error in the startup logs:

Error: FASTSTART: (csf.allow IPv4) [] . Try restarting csf with FASTSTART disabled, at line 5587

I disabled FASTSTART and that did allow CSF to start, but I have no idea what that means. Any idea?

Good morning,

I have two IPs in my cPanel server, one for web purposes and a secondary IP for outgoing email. To avoid malicious things use the secondary IP, I wish to restrict this secondary IP to only SMTP ports. How can I achieve that with the CSF plugin in my cPanel?

Thanks in advance.

To demonstrate this question,

Let's say I have this 3 IPs:

1.1.1.1, 1.1.1.2 and 1.1.1.3

Now I want to block each of this IP individually using csf. So,

csf -d 1.1.1.1
csf -d 1.1.1.2
csf -d 1.1.1.3

Success, now all of them are blocked in /etc/csf/csf.deny

But then if I want to block 3 of them using CIDR /24 notation. So I did this:

csf -d 1.1.1.0/24

Success, but CSF did not remove the...

Hello,

Centos and Redhat have now moved away from Docker to Podman but i am unable to get CSF to work with podman. Docker used interface docker0 but podman uses a new interface for each container. e.g. veth11088f88

Any suggestions would be welcome.

I have tested the below config but with no luck.

# podman network inspect podman
[
{
cniVersion : 0.4.0 ,
name : podman ,
plugins : [
{...

Hi,

Started noticing suricata alerts based on this ET.
ET DNS Query for .su TLD (Soviet Union) Often Malware Related

network.data.decoded .............ns2.magicgenericmart.su.....

UDP traffic

(..5.?._X..............ns2.magicgenericmart.su..............W. .ns1...admin..w..@...X......u.....

Exploring tcpdump to pcap gives an indication that it still hits the cPanel host even though...

I'm running CentOS 7 with csf v14.08. If i log into webmin and restart CSF it works fine. If i go to restart LFD, it shows a blank response and says done. But on SSH, it says that the LFD restart is pending, and will stay that way for 90s until it times out and the service is killed. Which after that, the webmin interface dies. Here is the service status log before, during and after I try to...

Hi, how are you doing folks. I have an issue with the cPanel email deliverability section.

When I have CSF firewall enabled, I get an error

When I have CSF disabled, that section works perfectly...

I tried clearing the blacklisted IPS but it didnt help.. the only thing that helps is when I turn OFF the firewall.. Is there any port used by cPanel to check the email deliverabilit?

Is...

I've set up CSF within Virtualmin, including the admin module successfully using the documentation instructions to the letter. Virtualmin is running on a fully patched Ubuntu 18.04.5 running on AWS with a firewall rule in AWS set to block SSH port 22 to only accept connections from my IP address, no other rules in AWS firewall. All seems to work well. Virtualmin is set up with one domain running...

I have 2 VPS both managed by WHM-cPanel
One of them is very old and works fine, while new one just installed Centos7 and cPanel.
On both VPSs run same CSF v14.08.
I am facing a strange bug on the new VPS cPanel installation.
The TCP_IN: List is not applied at all
That means, what ever port i add to this list, does not open.
The List that the i get from the View Listening Ports button, has nothing...