I have 2 cpanel servers. One is constantly blocking my IP address. I have my WiFi IP whitelisted. But, if for any reason, like a recent power outage, the router gets rebooted and it gets assigned a new IP, that one gets blocked and I have to have someone in another network login and white list that one. This gets really irritating when I am out of the office and my Phone's Verizon IP gets...
A bit of a general question, I was wondering if when an IP is blocked in CSF (or by LFD), does it block incoming DNS queries by default or do I need to allow them to make queries?
Hi Everyone,
My Deny IP List is really starting to grow now and nearly on 1500, how high can i go with this before it starts impacting my servers performance etc?
I'm having a bit of an issue with csf/lfd blocking cPanel webmaild logins. I just checked my log in /var/local/cpanel/log/login_log and there's hundreds if not thousands of attempts to login to accounts on the server which haven't been picked up by LFD (and subsequently blocked by CSF)
I'm wondering how I would go about adding these entries to be scanned by LFD?
Hello, CSF is blocking ftp upload to my OVH remote backup destination. Backup transfer is set as ftp on port 21.
Destination is validated and working when csf is disabled. Any clue how can I fix this?
Thanks!
All of the sudden we started experiencing this same issue on 2 different servers.
When CSF is enabled, it breaks connection to port 80 for many of our customers.
Doing a tests on a websites like: when CSF is enabled , tests fail from many locations, where when CSF is disabled all tests go through just fine, no times outs.
Running latest version of csf 13.7 , CentOS 7 (cPanel) with...
After looking at some fresh csf.conf file I detected I was missing some stuff in my own csf.conf files.
Some were logical because they were only for cPanel.
Somewhere on the forums in a very old topic, I read that queue alert/interface was also only for cPanel because this worked with exim.
However, Directadmin is also using Exim mailserver.
Next to that I think script alert could also...
i need to do some thing after a csf update was successful.
Therefore i disabled the autoupdate and call the update by hand with csf -u.
Is it possible to get different return codes or something like this to know if there where no update (because latest version is installed) or if a new version was installed?
As alternative solution it would be great if i can configure an...
As a theoretical question assuming:
1) regex.custom.pm is properly formatted and without errors;
2) a log file in text format exists with one entry per line of failed logins;
3) csf has the proper log file identified as CUSTOM1_LOG in csf.conf;
4) Am I missing something?
Then csf should be able to block at the firewall a malicious user hammering away at an application login screen, said...
I've been reading the forums and the readme and I cannot get this sorted out. I have a server running Ubuntu Landscape and the following four command line items keep triggering CSF for excessive research usage:
We use CSF+LFD on all of our Linux based servers of which are endpoints, in that they are not required to do any IP forwarding/routing. (We'd use Shorewall for that.) This includes our internal office servers.
We also use two Unbound instances as our office DNS resolver, particularly as we have various internal only DNS mappings we need to establish.
I just had a new server created CentOS7 / EA4 with Apache 2.4/PHP5.6
The previous server was CentOS6.9 / EA 3
Both with CSF of course, and settings copied from the old to new.
I've run into a problem with some php backup scripts that send a mysql dump file offsite.
The scripts (which have been running for years on the old server) are failing around the ftp connection and transfer.
I ' d like to know if inside:
/etc/csf/csf.conf
I can use the following syntax for file globbing:
...
...
# Log file locations
#
# File globbing is allowed for the following logs. However, be aware that the
# more files lfd has to track, the greater the performance hit
#
# Note: File globs are only evaluated when lfd is started
#
...
...
APACHE_LOG = /var/www/vhosts/*/*/logs/*_log...
for many years i used this rules and it worked but recently i found it stop working, eg, i removed port 22 from csf config to block global access to this port, and added some IPs to whitelist csf.allow to able to access this port. only some IPs. everything worked as well but recently i found this port is open to all. i restarted csf, it fixed but after some days when i tested from a random IP...
I'm using a third party mail server to send emails for the domains hosted on the VPS. They provide MX, TXT, CNAME records (without any IP address) to add in the DNS zone file for each domain, which I did successfully and emails are being sent by the PHP script using SMTP authentication.
Thus, I have disabled all email related services (Postfix, Dovecot, etc.). As a result, I'm not getting system...
I had hundreds of http connections from the abusive IP and added IP to csf.deny. Apache status page however continued showing connections from this IP. I restarted services and killed processes without any luck. I had to add IP to CloudFlare firewall to stop the connections. Is there a certain attack rate that makes CSF and software firewall useless for this case?
I am having an issue with Cloudflare. However I do not have the Cloudflare option enabled in CSF. I don't want to send blocked IPs to Cloudflare since it's just a free account anyway and I don't like all the other restrictions I saw in the readme file. I just wanted to use Cloudflare for caching. Herein lays the issue.
There is only one website on this server and it's a WordPress site....
I started using regex.custom.pm several years ago, with great success.
However, for reasons unknown, it stopped working over a year ago. The regex.custom.pm didn't change. There have been changes to csf.conf, including automatic update changes. However, I have a copy of the conf file saved some months before the regex script stopped working, and the only difference I can see in the latest conf...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum