ConfigServer Community Forum

centos7 + cpanel . The default firewall for centos7 is `firewalld`.

When installing csf on centos7 server, I found `firewalld` was automatically disabled.
but `iptables ` was not automatically installed.

so it becomes no firewall on the server?

Under this circumstance,
# systemctl status iptables : not found
# systemctl status firewalld : inactive
# systemctl status csf : inactive

but...

Hi,

CSF is reporting that I should do the following:

---
You should modify /opt/alt/php56/etc/php.ini and set: enable_dl = Off

ou should modify the PHP configuration and disable commonly abused php functions, e.g.: disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open

You should consider adding ini_set to the disable_functions in the PHP configuration...

Hello

I am new here and signed up to say that the recommended setting of restrict_syslog to 3 prevents user cron job logging.

Currently I have set this option to 2 to enable logging for user crons in cPanel.

However, I would like to find out what other options are available to enable logging, yet continue with the recommended 3 level ?

I read the manual and notes, but I am still not clear...

Hello,

I am running CentOS 7 without cPanel. This night csf/lfd automatically upgraded from v9.11 to 9.13...
and restarted. OK, I did not see any problem at first time, BUT few hours later I discovered
that my site can only be accessed with IP v6, and not with IP v4, which is used by the majority of users.
This is the first time I got problem after csf/lfd update (automatic or manual mode).

So...

I'm developing a server control panel and I wish to integrate csf into it (basically a link that opens a new page with CSF's integrated UI). Since I don't want users to have to enter another username and password just to login into csf, I need it to login automatically.

Where can I find the logic that generates the sessions in /var/lib/csf/ui/ui.session or is there an example of how can this be...

a longtime ago I added the mailman code here

pcmd:/usr/local/cpanel/3rdparty/bin/python /usr/local/cpanel/3rdparty/mailman/bin/qrunner.*
pcmd:/usr/local/cpanel/3rdparty/bin/python /usr/local/cpanel/3rdparty/mailman/bin/mailmanctl.*

In the past few weeks I started getting mailman alerts again

lfd on cxxx: Excessive resource usage: mailman (12392 (Parent PID:12376))

Time: Mon Aug 15...

Hello, I'm sorry this is probably a very basic question.

We are getting a lot of Suspicious Process notifications for normal things like Wordpress Cron, etc...

I'd rather not have to add a new line in the pignore file for every client. How would I go about ignoring the following, but for ALL clients?

/usr/bin/php /home/clientUsername/public_html/wp-cron.php

Hi,

i am getting many email from CSF which I have installed on my server which are of

suspicious process is running under Avahi some times some other daemons

how can I stop such emails?

I have disabled LF_PERMBLOCK_ALERT but it stopped login and login failure mails.

i want to stop process mails only.

Thanks

Hi all, hoping someone can help with this. Basically we are sending and receiving mail from google, yahoo, comcast, etc and seeing the firewall randomly block both connections in and out of our server to these domains for no apparent reason. Here is a snippet of a log from today, these are all google mail servers. They seem to randomly get blocked and then removed. I finally started adding these...

Hi, it doesn't seem to matter how high I raise the values of LF_IMAPD or LF_POP3D - if they're on all my local network devices struggle to send or receive emails with phones/tablets always giving Couldn't Sign In... warnings.

If I turn them off it's fine, but I've tried settings them at 50 or 60 etc and as soon as I restart CSF/LFD I get the Couldn't Sign In... warnings again.

The weird thing...

Hi,

I use csfpre.sh to configure iptables rules to OPENVPN and work.

But at 2 weeks aprox, openvpn stop work.

I investigate and SNAT is disabled automaticly by CSF or LFD (dont known a correct reason)

This is line on csfpre.sh:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 200.200.200.200

When restart csf, csfpre.sh is run and work perfecly:

# iptables -t nat -L -n -v
Chain...

Hi,

what happened if I allow all port and IP traffic to my server and than add some IP to the deny list?
will it allow them all which are in deny list or not?

Hi,

can i create a user based rules on csf?

in which i create a user and allow them access to specific port or service.

Thanks

Not really sure why, but I tend to find scrolling breaks in the webmin module once you hit firewall configuration and the only way to scoll through the configuration is to click that window and use the page up/ page down keys on the keyboard.

Well that's in Firefox, in Chrome I can't even do that which makes CSF prestty unusable

This is the Webmin module.

Both browsers are on an OSX client...

Greetings,

cPanel introduced a check for the Dovecot LMTP process that connects as root to 127.0.0.1 on the socket /var/run/dovecot/lmtp.

How exactly would you whitelist something like this in CSF? Have been searching for the last half hour, and am not seeing anything. Maybe I am just overlooking things, but am really confused at this point.

cPanel says ... To resolve this issue, either open...

Hello,
Since some time we are getting Suspicious process running under user mailnull notifications. I include the notification below. We restarted Exim, but without any luck.
The process itself is:
PID: 7992 (Parent PID:7922)
Account: mailnull

Should we kill this process or are there any other things we could do?

Thank you

Gabrielle...

Hello ,
we're having multiple instances of csf installed, one of them ( server name: A30 ) reports a error:
lfd on A30: SYSLOG Check Failed
Error: Failed to detect code in SYSLOG_LOG
SYSLOG may not be running correctly on A30

Above mentioned file exists, csf can read/write to it.
Manual search for control string finds it:
# cat /var/log/syslog | grep hpi8op2eMzu93Rjbb6rdE4t
1...

Is there way where we can limit out going emails per email per hour . Say from Webmail / Pop3 email1@domain.com, email2@domain2.com can send max 200 emails for hour. If he sends more then 200 email that email user should be blocked .

please help us out.

Hello,

We have limited the emails in LOCALRELAY to 100.

*Exceeded LOCALRELAY limit* from aadmsces (101 in the last hour)
Aug 1 11:18:41 ly1 lfd : '/home/aadmsces/public_html/newsubsr' has been disabled

Is there a way to exclude certain domains from this , like all the domains should follow this limit except domain.com and domain1.com can go up to 1000 per hour or no limit.

Please help us...

Hi

I have csf running on a centos 6.5 box with webmin/virtualmin
server is running bind-9.8.2

when I run the server check test I get a warning that says:
You have a local DNS server running but do not appear to have any recursion restrictions set. This is a security and performance risk and you should look at restricting recursive lookups to the local IP addresses only

But testing dns...