I would like to use this service to find out if an IP is good or bad:
If it is bad, I would like to redirect all traffic from that IP to a blank page.
I am thinking of writing a script to check each IP against this service and pass matching bad IPs to a forwarding mechanism. Since I realized that doing this in realtime might not be practical. Moreover, there is a ratelimit imposed by...
i have ubuntu 12.04. In this version the logfile messages does not work. All information is now in syslog. I think configserver syslog_check needs messages for working.
Is there a way to learn syslog_check how to do or must I do without this feature?
It seems that installing CSF on cPanel v66.0.24 causes cpanel_dovecot_solr not to connect to cron 'maintenance' scriptt .
It throws 401 error and this is what you get:
$ sudo /usr/bin/test -e /etc/cpanel-dovecot-solrdisable ||
/usr/local/cpanel/3rdparty/scripts/cpanel_dovecot_solr_commit
Cpanel::Exception::HTTP::Network/(XID n7ux4c) The system failed to send an HTTP “GET” request to “ because...
One of my client claims that the access from his PC has been blocked many times by csf recently.
He restarts the rooter, then the new ip address allocated by DHCP changes(He uses dynamic ip address) and he can access to the site for a while, however, his new access ip is blocked soon again and again.
I also received the alert of csf many times when his access ip address...
I don't know how long this has been going on, I only recently discovered it in my error logs. Many years ago, though, I used to write Perl scripts and import the output from a PHP file using LWP::Simple. Like so:
I am using csf -td to block certain IP addresses. This adds them to the LOGDROPIN chain. However, in the INPUT chain, LOGDROPIN comes AFTER the ACCEPT rules for specific ports, this effectively allows IP addresses that should be denied to still hit the computer via open ports. For example, even a blocked computer can connect to ports 80 and 443 here because they come before the LOGDROPIN chain....
hello,
there is any way to exclude single email address account (email@domain.com) to LF_DISTSMTP check ? i have email account use from different server ( about 30 different ip ) but i don't want to add this ip to ignore list.
thanks
I ran into some errors today when installing CSF on an Ubuntu 18.04 VPS system.
*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
'lfd.service' -> '/usr/lib/systemd/system/lfd.service'
'csf.service' -> '/usr/lib/systemd/system/csf.service'
chcon: invalid context: ‘system_u:object_r:systemd_unit_file_t:s0’: No such file or directory
chcon: invalid context:...
Hi All, new install of CSF on Centos 7.7 with Cpanel 84. If there is an IP entry in the deny file, the service won't start. If I remove all entries in deny, it works.
LOG icmpv6 opt in * out * ::/0 -> ::/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix Firewall: *ICMP6OUT Blocked*
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
REJECT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0...
I have a regex that I'm trying to modify for regex.custom.pm so when the server (not a user clicks) redirects to a specific page (which is logged in /var/log/apache2/access.log), after x number of attempts, it blocks that IP.
The purpose is to block bots attempting to hack a token entry form and currently, due to the software used, a failure with the form does not get logged in error_log...
Hello folks,
I notice when i'm scanning my hosting server with nmap inside of msfconsole , it put the ip of attacker in whitelist even if this ip is in blacklist.
please how to solve that???
thank you
Suddenly today I have been unable to perform a CURL command to api.stripe.com. I am able to curl to example.com (both http & https).
This is what happens on the SSH command line:
curl -v
* About to connect() to api.stripe.com port 443 (#0)
* Trying 52.62.14.35...
* Connection timed out
* Trying 13.55.5.15...
* After 86364ms connect time, move on!
* Failed connect to api.stripe.com:443;...
Can i ignore user or mailbox when RT_AUTHRELAY_LIMIT is reached?
BACKGROUND:
i am sending an e-mail from a PHP script from server A from a domain protected by cloudflare. The e-mail is sent from a PHP script via SMTP which is locared on server B
on server B is CSF
RT_AUTHRELAY_ALERT = on
RT_AUTHRELAY_LIMIT = 49
RT_AUTHRELAY_BLOCK = 1800
Not sure if this is in the right forum or not, sorry!
Basically when I am checking the server security with CSF it states 'Check nameservers Unable to resolve nameserver ' under the 'WHM Settings Check' section. This only appears on running the 'Run again and display all checks' report but under the 'Run again' report it doesn't appear. The nameserver ns1.yourdomain.com (I'm using...
Searched the forum but could not find any answer to the following question:
Would an allow ip superseed a country block?
Scenario: We have actively blocked DE (Germany) through a country block, but want to allow one static ip from Germany to be allowed using Firewall Allow IP .
Hello everyone,
I'm trying to configure csf so that only IPs from my country can access port 22.
I fill the 2 following configurations with the country code and port 22, like so:
CC_ALLOW_PORTS = GB
CC_ALLOW_PORTS_TCP = 22
And removed port 22 from TCP_IN
But i'm still getting locked out after restarting CSF.
How can I know what's the reason for this? I saw that a service called geoIP is...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum