We have CSF installed on our server and it seems to block mail coming from our billing system. I have configured it to allow the SMTP PHP mail to go through. It starts working for a few days then starts blocking again. I have to reboot the CSF services for it to start working again then it does the same thing a few days later.
Hi, I am using csf: v13.06 on WHM server (CentOS Linux release 7.7.1908 (Core)).
It seems I am no longer receive email alert whem someone access through WHM or cPanel.
My IP is not listed csf.allow or csf.ignore .
My relevant config is:
Hoping someone can provide a quick answer to this.
I've installed csf on amazon linux 2 latest version. When attempting to start it it's failing with the following message:
Oct 07 15:32:54 dev-ci-single-11.189 csf : open3: exec of is-active firewalld failed at /usr/sbin/csf line 906.
Oct 07 15:32:54 dev-ci-single-11.189 systemd : csf.service: main process exited, code=exited,...
I recentley added the Firehole Level 1 block list (4400 IPs which is a combination of block lists. I'm surprised I'm not seeing any blocks from it in the log. Do I need to change a setting to log blocks from block lists?
I have a Wordpress site that uses a different admin login username. Somehow the new username got broadcast to whatever hackers get their known usernames for a site from as now I can see in my Wordpress logs there are frequent failed logins for this username from different IP addresses. I believe all brute force attacks have to be based on detecting login attempts from the same IP address and...
Anyone who has added Comodo WAF (CWAF for WHM/Cpanel) have any issues running it with Configserver at the same time? Or does Comodo WAF have too many potential issues?
Hello. I like csf and use it on all servers. Some times ago I try to use docker. If I use network as host-mode and enable docker in csf.conf - all worked fine. But if I use docker-compose with bridge network - it's not worked. I find some script to fix it puppet-csf .
Now docker work fine and csf worked, but script create DOCKER-ISOLATIONS rule and csf blocks all ports without port used by...
I also started to receive this messages this week. I Googled it and some people suggest to disable this command from Cron. Not sure if this is the correct solution.
Does anyone know how to fix it?
We use CSF on 30+ servers since very long time ago, always without any serious issues. Only a few months ago, randomly LFD process just stops (many servers affected), giving this message and error bellow:
Oct 4 09:52:20 sh1 lfd : iptables appears to have been flushed - running *csf startup*...
Oct 4 09:52:28 sh1 lfd : csf startup completed
Oct 4 09:52:28 sh1 lfd : *Error* csf reported an...
Hello,
i want to exclude a Country from blocklists.
Blocklists provide good protection but they have some false reports (specially in dynamic ips from ISP providers).
For this reason i want to exclude the Country with the most visitors.
I have try the CC_IGNORE but they not work.
Is any way to do this? I think is very useful feature.
Thank you
When a process exceeds the maximum execution time, the notification doesn't tell me what script was running. Anyway to get LFD to include the information? If not, any suggestions (other than modifying all my scripts) to log the execution time of all PHP scripts being executed on the server and include the script pathname?
for many years i used this rules and it worked but recently i found it stop working, eg, i removed special port like 22 from csf config to block global access to this port, and added some IPs to whitelist csf.allow to able to access this port. only some IPs. everything worked as well but recently i found this port is open to all. i restarted csf, it fixed but after some days when i tested froma...
mx is set to use a third party email provider such as Zoho or gsuite for email and
the VPS only sends outgoing email from web scripts, CSF/LFD and cpanel,
then is incoming SMTP actually required?
If not, how does one lock it down to help stop bots/hackers?
Hello, I have an idea and I'm wondering if it's practical. It would require CSF Firewall considering every access of a PHP page to be a login failure, even though there was no actual login.
My idea is simple. Almost all my sites are hand coded, so there does not exist (for example) a page named wp-login.php. I want to redirect all those requests for non-existent CMS or forum logins to a single...
I'm very interested in adding https use to messenger which I use fine for years
Logs
Feb 27 18:45:31 web1 lfd : MESSENGER: Error starting HTTPS service: No SSL certs found in MESSENGER_HTTPS_CONF location
Feb 27 18:45:31 web1 lfd : MESSENGER: HTTPS service temporarily DISABLED
See in csf.conf
This option points to the file(s) containing the Apache VirtualHost...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum