Most new operating systems are switching to journald instead of syslog for logging as it provides a much needed unified interface for logging. It would be good if CSF could support this similar to fail2ban.
I find csf will not check ip in list or not, if same ip for multi attack, csf will add multi times
I know we can't realtime to check ip list because it will slow down server, but can you add a function let us click on it and check ip list then remove duplicate one?
As per CSF v14.17
SMTPAUTH_LOG= /var/log/maillog handles
.* postfix/smtpd : warning: unknown : SASL LOGIN authentication failed: authentication failure
but it does not handle
.* postfix/smtps/smtpd : warning: unknown : SASL LOGIN authentication failed: authentication failure
so for the latter lines you still need to use CUSTOM?_LOG and /etc/csf/regex.custom.pm
I notice that when I run my csf installer script on my ipv6-only hosts, it fails. Seems like download.configserver.com isn't reachable over ipv6. Could you please enable ipv6? I know there aren't many ipv6-only hosts around, but I'm pretty sure that will change in the upcoming few years.
Similar to existing ST_APACHE and PT_APACHESTATUS, it would be nice to be able to collect nginx and PHP FPM statistical data based on status information they provide:
Hi all,
I use Csf in all my production and testing servers (mostly Debian and Debian like) and never got a single problem....but...I also use a lot of OpenWrt routers and I think it would be a lot better to install a Csf on them, to centralize firewalling and not having Dmz or similar on the routers avoiding each server manage the firewalling...
Installing on the OpenWrt, behind which there are...
Hello,
Emails as a basic notification system is not enough and even not-contemporary, definitely.
Same messages sent to own log file at-least allow to write own parsing script to process the ones.
It should not be so difficult to implement, I hope...just add two options to /etc/csf.conf
SEND COPY of email body to own log file = 0(not) / 1(yes)
OWNLOGFILEPATH = /var/log/path/lfdown.log/
+ add a...
We have received few bug reports from our users saying that some Webmin modules `index.cgi` files are getting destroyed and overwritten with a symlink to CSF. :) I have checked your code and added few fixes to add extra protection before making such changes and also fix message formatting.
Could you please be kind to fix that for the next 14.16 release?
Please add csf.deny.bak function when we press `Flush All Block` button. Because no any warning for faulty pressing. Today I lost more than 4000 bad IP address.
I think it would be amazing if we could have advanced port filtering for csf.ignore file. I prefer to use this sparingly if not at all since it ignores all activity from an IP, but all too often we get requests from customers that cannot figure out which email client is causing them LFD blocks and want us to add their IP to csf.ignore. I provide the warnings about making sure all devices on...
It has become standard to block bad API calls with a 400 status.
With MVP architecture so prominent on the web, it has become commonplace to build everything as an API (for AJAX to serve the front end of a website).
Our API endpoints, especially login endpoints, constantly get bombarded with SQL injection attempts. These requests fail with a 400 Bad Request status.
There has been recent exim 4.95 changes made which.smtp transports rfc compliant:
It based on RFC 2822 / RFC 5322 (Internet Message Format).
2.1.1. Line Length Limits
There are two limits that this specification places on the number of
characters in a line. Each line of characters MUST be no more than
998 characters, and SHOULD be no more than 78 characters, excluding
the CRLF....
Hi, I'm new to the forum and was clicking around a few of the pinned topics, and noticed that at least one has a dead link:
The link at the bottom is but I assume the forum migrated at some point to the new link format with viewtopic.php instead. Substituting viewtopic for showthread in the link pulls up what appears to be the correct link.
Maybe the DB could be search/replace for this to do...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum