I got a situation here: I installed a brand new server (CentOs 6.4 x64 - converted to CloudLinux) and after I installed csf firewall and it takes at least 3-5 minutes to restart. I saw that bandmin stops csf to restart very fast. In other servers this never happens and I don't know why. Also another thing is when the server reboots, it tooks a lot (~5 minutes) for bandmin to restart...
Is it possible to disable/set SMTP_ALLOWLOCAL to 1 but still allow webmail (Horde and Roundcube) usage? I have a particular account which has its wordpress constantly hacked even with auto-updates which I would like to just disable use of smtp_allowlocal altogether. It does have valid email accounts which are heavily used through their email software which eliminates many of the other options....
In csf I have this line UDP_OUT = 53,113,123,19567:19600
but I keep getting this in logs
Jul 16 23:03:52 xtest kernel: Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=x.x.x.53 DST=x.x.x.139 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=62088 DF PROTO=UDP SPT=19567 DPT=10002 LEN=66 UID=1000 GID=1000
I installed CSF (8.01) on my new Debian 8 server. However, I am unable to start the csf service when IP6 is enabled in the csf configuration. I get the following error:
ip6tables v1.4.21: can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
One of our servers has just upgraded itself to CSF v8.0 and as far as I can tell, nothing specified in /etc/csf/csf.allow is being allowed anymore.
I can see the actual rules have been created properly in the ALLOWIN chain and I can see that the ALLOWIN chain is being called from the LOCALINPUT chain, but traffic is never making it into the LOCALINPUT chain in the first place.
Sorry if this has been discussed before - I tried searching using a few different terms. However, I'm getting grief from my hosting provider about the number of emails my VPS is sending. By far, the largest amount is coming from CSF/LFD alerts.
I'm was trying to find a configuration option to send one daily email with all alerts instead of individual alerts, but I wasn't able to see anything...
I purchased and installed CSF and now I am facing issue with my ftp connection, FTP gets connected but files do not get uploaded and show no progress, says 0%. I turned off firewall and its now working.
I am getting a lot of alerts of individual IPs that are being blocked even though I have a CIDR block setup to deny the block that would included the IP that is being blocked. I love Configserver and like that it is mostly working, but all the individual blocks are making me increase my Deny limit. This has been happening for several months now and I am running the latest version. Any...
I am trying to be passed for pci compliance by trustwave.
I set:
IGNORE_ALLOW = 0 and add their IP(s) to csf.ignore
But they are being blocked. Explanation from them is so:
Desc:
During the course of the scan, TrustKeeper detected an unidentified protocol on common web ports. In some cases, this may be caused by network security devices actively blocking the vulnerability scan, which it may...
Hi, i run centos7.1 with csf firewall + directadmin and try unblock one ipv6 address and not success
first i enable Requires ip6tables and then i did it:
$ csf -a 2001:0503:ff39:1000:0000:0000:0000:0074 test
Adding 2001:0503:ff39:1000:0000:0000:0000:0074 to csf.allow and iptables ACCEPT...
ACCEPT all opt in !lo out * 2001:503:ff39:1000::74 -> ::/0
ACCEPT all opt in * out !lo ::/0 ->...
With the updated version 6 of CSF I can no longer use Country Codes to block. I used to block CN,RU and I do not want anything to do with these countries at all. All I ever get is a constant barrage of attacks a day by the hundreds. Now I need to add the Middle East and North Korea. any time I use a country code in the CC_DENY = Box I get an error if FASTSTART = is set to (true) 1. I can load...
Recently been hit by a distributed attack from many geo location on SMTP, system, FTP etc.
I tried and liked CC_ALLOW_FILTER = and added my country there and it was great, but little later realize that this block everyone (great) on all ports (including port:80).
Wondering if there is any way to block all ports except 80 from everywhere except my country?
I've googled this a bit, but am not having any luck. Part of our perl libraries seems to be corrupted, and I have tried to --force to reinstall, but I am not sure which exact modules or command I should run to get this back up.
It is on a cpanel ( WHM 11.48.4 (build 4) ) /CentOS system, and when I try to reinstall csf, I get this:
Checking Perl modules...mode of `os.pl' retained as 0700...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum