In /var/log/messages I see many of these types of messages, in fact they are the only ones I see:
systemd-logind: Failed to remove runtime directory /run/user/0: Device or resource busy
When I google this message, the first result is:
which one of the posters seems to indicate could be caused by lfd.
We are currently evaluating if we can use CloudLinux's Imunify360 solution which has a CSF Integration mode.
In Imunify360, when it detects CSF blocked an IP, it will move that block from CSF to Imunify360, however it relies on the 'BLOCK_REPORT' function of CSF.
During our testing, we've noticed that sometimes CSF will block an IP but Imunify360 didn't see the block....
I am looking at how to block IP addresses with CSF, and find that the following command suits my needs:
sudo csf -d 10.0.0.1 do not delete
The response that I get back from CSF seems to indicate that this has been added to iptables:
Adding 10.0.0.1 to csf.deny and iptables DROP...
DROP all opt -- in !lo out * 10.0.0.1 -> 0.0.0.0/0
LOGDROPOUT all opt -- in * out !lo 0.0.0.0/0 -> 10.0.0.1...
I updated my cpanel to the latest version and rebooted my server. CSF is up to date but the server can't even be pinged if the firewall is enabled. I ran the check on the iptables and the result says all good and csf should run on the server, but it won't.
Server: CENTOS 7.9 kvm v92.0.3
I have downloaded the last known good config profiles so if need be I can reinstall csf but I would prefer...
Hi I am trying to configure lfd Clustering in csf, however the fields are all gray outed and unable to fill any number.
I use cPanel + immunify360.
Has anyone overcome same issue? :confused:
I have an email address that is repeatedly checking my server, but that account is invalid (non-existant account), and I know that the person doing it is not malicious, but only stubborn for not updating their settings, can i skip that email address from being checked by CSF and dont block their IP?
Since the new versions of DirectAdmin we have problems with using the API for CSF. T We didn't change our scripts and it works for years well.
Debugging DirectAdmin I see the next message:
/CMD_PLUGINS_ADMIN/csf/index.raw
Command::doCommand(/CMD_PLUGINS_ADMIN/csf/index.raw)
Sessions::touch:Command::doCommand:/CMD_PLUGINS_ADMIN/csf/index.raw): no sesssion filename is set....
I have this already for a longer time but nobody responded to my other thread (november last year).
It seems csf.pignore is not ignoring certain shoutcast processes. I get this email:
Time: Wed Jan 15 20:32:31 2014 +0100
Account: admin
Resource: Process Time
Exceeded: 10888 > 1800 (seconds)
Executable: /home/admin/domains/mydomain.com/public_html/mediacp/files/shoutcast198/linux/sc_serv
Command...
In csf.conf I have
LF_IPSET = 1
LF_IPSET_HASHSIZE = 1024
LF_IPSET_MAXELEM = 65536
I have several public blocklists enabled, namely ABDE, BDEALL, SPAMDROP, etc., all of which have been working correctly on csf with ipset for several years. At this point, I don't recall precisely what I had to do to set it up initially. I thought all I did was uncomment a line in /etc/csf/blocklists to enable...
Hello Everyone,
Does anyone know if CSF process is monitored by Cpanel server manager? As some mornings i find CSF randomly stopped i want to make sure that the service restarts should this happen?
Am I getting the error below after last update, anyone else?
UPGRADE:
Tue Nov 10 16:17:08 2020:
1605035828_pre_v14_08_upgrade
ERROR:
Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Error: Error processing command for line (6 times): , at line 866
I enabled LF_IPSET and WAITLOCK, but it didn't work.
I have a cPanel / whm server with csf installed on it.I have csf configuerd to automatically report abusive ip addresses to abuseipdb blacklist it works fine however when i receive the email csf sends the blocked ip address has the wrong country for example csf just sends to me that
194.87.138.228 (RU/Russia/-) is blocked for a portscan however in this case Russia should be Germany...
my server provider blocked 25 port, and I use external SMTP service for all outgoing mails. is there someway to setup CSF to send mail notifications via external smtp with required autorization? Thanks!
I am trying to standardize my servers better with Puppet. Puppet is very good at building files with multiple lines like csf.allow, but it is more difficult to add multiple values to a single line like the TCP_IN list in csf.conf.
I attempted to add partial lines to csf.allow, but that didn't seem to work:
tcp|in|d=22 # puppet - from csf-global-allow-ssh
tcp|out|d=8140|d=192.168.118.31 # puppet...
We try setting for RBLs list in CSF another server (cPanel) Same setting is work
But has problem on this server , We try Check Update All Check standard , And Update All Check verbose it's not responding
My option detail in RBLs list
enablerbl:b.barracudacentral.org
enablerbl:bl.spamcop.net
enablerbl:cbl.abuseat.org
enablerbl:csi.cloudmark.com
enablerbl:db.wpbl.info...
So if I whitelist some IP's from a country in the Firewall Allow IPs list and then add thata country code to the CC_DENY settings, will those whitelisted IP's be allowed access to the server?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum