ConfigServer Community Forum

Hello!

I've been looking everywhere but I have not been able or unwilling to help. The problem is I want to enable the messenger to take them to index.html but I could not make it work.

I can give you the exact steps that I condifigurar to make it work?

Excuse me, is that I'm new to these Linux. :(

Hi guys

I am a newbie to CSF as you will see very soon...

I am using DirectAdmin, managing my new VPS which is running Centos. My site is using only MySQL and PHP.
CSF v5.09 is installed.

Since I am not sure what is the best way to configure the firewall, I thought about using one of the Firewall Security Levels provided in CSF (which I access from DirectAdmin).

I thought about trying the...

Hi,

Last night, I got an email alert saying that someone logged in to root from an IP in the Netherland (I'm in Canada). Two mins later, I get another alert email saying someone logged in as root from USA.

I was lucky enough I was infront of my PC. I quickly logged in, blocked both IPs and changed my password.

I am baffled as to how the 2 ips were able to login as root in whm.. We keep our...

csf -ca 82.83.84.85
Can't locate object method new via package Crypt::CBC (perhaps you forgot to load Crypt::CBC ?) at /usr/sbin/csf line 443.

I'm getting excessive resource usage for sftp and ssh connections (which is fine as I'm pretty confident they are legitimate users), but the client would like confirmation that it is their IP that is connecting.

Is there a way to find that.

I can view the logs but they only show the process and resource, not the IP.

Hello,

Ruby on Rails under cpanel uses the mongrel server, and so is a long running process that needs to be ignored by lfd.

The process is:

/usr/bin/ruby /usr/bin/mongrel_rails start -p xxx -d -e production -P log/mongrel.pid

I don't want to ignore all long running ruby processes, so I'd like to be able to include the parameter in the csf.pignore match:

pexe:/usr/bin/ruby...

I've noticed lately I'm getting a lot of attacks via FTP. I've checked the CSF configuration, and I've found this:

FTPD_LOG = /var/log/secure (restricted UI item)

Obviously, this can't be right, because /var/log/secure doesn't exist. Should I change this value to /var/log/proftpd/auth.log?

I'm using DirectAdmin for a control panel. It's unknown to me if DA uses a different log file format....

HOWDY,
I set the watch dir to monitor a dir with 100 of files ...
I want it to notify me when a file changed and with the changed file name ...

Its always sending me all file name in the dir ... advise plz ...

Hi,

The questions is in regard to this:
# Send an email alert if anyone logs in successfully using SSH
LF_SSH_EMAIL_ALERT = 0

Is it possible to whitelist a username that logs in via SSH so that when it happens I do not get an email?]

I tried to whitelist the source IP and also added user:USERNAME to csf.pignore but nothing helped

Please advise
Thanks

Hi,

can anybody help me with this error MSG. Is this something I can ignore or its something really serious? Thanks!

Time: Thu Oct 10 17:28:01 2013 +0200
PID: 22646 (Parent PID:12999)
Account: postfix
Uptime: 99 seconds

Executable:

/usr/libexec/postfix/smtp

Command Line (often faked in exploits):

smtp -t unix -u

Network connections by the process (if any):

tcp: MYIO:52335 ->...

Hello,

I have been and am very grateful for this specail feature of CSF as it helps me catch problems like pop accounts with bad passwords getting hacked ;) However, during the last couple weeks I noticed to of my newer Cpanel machines not sending me out any emails for pop accounts that send out a lot of email. I saw in both cases tons of emails sent out by pop accounts, verifiable via the...

Dear,
I have an packet lost issue when Config Firewall is enable and when is disable everything is OK.

Any advice?

Thanks, Mario

Hi there, we have a cPanel server which is doing both mail and web hosting, we're finding that periodically yahoo and google mail servers are getting blocked, which stops exim delivering mail to those servers, leading to it getting held up in the queue. Here's an example block of a google server (1e100 net) from this morning:

Time: Tue Sep 17 06:48:40 2013 +0100
IP: 173.194.66.26 (US/United...

Hello,
I've a curious problem (CSF 6.35, cPanel 11.38.2.7):
I can see blocked ip ad rules in mod security page of WHM, and I can see rules and ip with ConfigServer ModSec Control (ModSecurity Log with last 20 entries).
So, my system works. Now, i've installed CSF, and that are my settings:
LF_MODSEC = 2
LF_MODSEC_PERM = 1800
MODSEC_LOG = /usr/local/apache/logs/modsec_audit.log (restricted UI...

Hello,
Brand new to CSF and really enjoy it's features. I am running Centos 5.9 with DirectAdmin and would like to know where I can enable and configure the Block IP features to operate in the Brute Force Monitor section. In advance I thank you for your response.
B -

Hello,

I have checked my own server and my own servers provider. NO routing issues nor firewall issues on our side. Possible, csf website blocking my server?

Thanks

I start the csf but in exactly 1 min
I see in the cron log

host crond: (root) CMD (/etc/init.d/iptables stop)

then I see my csf is
Firewall Status: Enabled but Stopped

I did not stop the iptables !

It goes on every Min and turns off the csf automatically like a cron

I check my crons but did not find any thing
Where should I look for the problem?

I'm sure I'm missing something simple...

I have SMTP_BLOCK disabled:
SMTP_BLOCK = 0

I can manually open a connection to my SMTP Server over Port 465 from the command prompt, which tells me iptables is allowing outbound connections properly.

# iptables -L | grep -i smtp
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp

However, a script fails to connect to my SMTP server (SMTP using...

I keep getting this error in logs today
Unable to retrieve blocklist DSHIELD - Unable to download: 599 - Net::SSLeay 1.49 must be installed for https support

I have Net::SSLeay1.55 and I don't intend to downgrade. Have you any idea what is wrong

Hi There,

I've just installed csf (v.635) on a fresh server, which should meet all the prerequisites of csf, but when trying to start it I can given:

Undefined subroutine &main::cleanup called at /usr/sbin/csf line 119.

Everything is basically a clean install, so I'm not sure what it could be that is causing it to fail...

The line in question from the file is:

sysopen (CSFLOCKFILE,...