i have ConfigServer Security & Firewall - csf v6.43 installed on my cpanel server
iam getting too many email alerts as the most of them are like
SSH login alert for user root from XXXXXX
XXX is my ip address. can i exclude my ip adress from the watch list? so i dont recieve such emails alerts if it come from my ip, but still check other ip addresses?
Hi.
Our VPS provider has its own account on our servers with UID 0.
LFD is alerting me to a possible root compromise on this account constantly.
Is there a way to turn off the alerting for a single account?
eg tell lfd to ignore account with name VPS-provider .
I know how to turn off the system exploit checking completely but for security reasons i dont want to do that.
Hey guys,
I'm new to CSF, but I think it's amazing! I am running CSF v7.60 on CentOS 6.5 Final.
I am trying it on an asterisk PBX that is dedicated for VoIP faxing and am having some issues which I have been unable to diagnose. When the CSF is enabled, faxes fail. When I disable CSF and load a regular iptables script instead, they are flawless. I haven't been able to figure out why.
I'm running into an issue with IP's getting blocked for Port Flooding. Most specifically, Whenever I have an Iphone try and configure an email account, they will be blocked for port scanning.
Do I have something set wrong?
Any ideas on optimizing these settings to stop this behavior.
In csf ver 7.59 on CentOS 6.6 with WHM 11.46.2 (build 4), when we try to compare profile configurations by selecting protection_high as first config and /etc/csf/csf.conf (current config) as second config, it doesn't show anything! However, if we select protection_medium or protection_low, it then shows the table of comparision. Is this a bug or are we doing something wrong?!!
I just happened to notice that I am able to add the same IP as many times as I want via the Quick Deny. Checking another server, I'm not, as expected.
csf: v7.58
Folks, I have csf/lfd installed (no cpanel) and I'm having a hard time getting my game server to work.
It uses ports 10777,11777,9000,9010,7777,7778,7787,28902`
After trying to get all the ports in the right spots, just to get it going I added all of them to the TCP_OUT,UDP_IN and UDP_OUT sections of the csf.conf and it didn't work.
The closest I got was when I added the shell script that...
How do I block access to port 25 for all IP addresses and allop only my hosted mail filter access to port 25 for mail delivery?
I tried to add this to the deny rules:
tcp|in|d=25|s=all
then added the the mail filters IP range to the allow rules. I tried to test using mxtoolbox but they are able to connect and get a 220 and 250 session transcript. I was under the impression that this...
First of all, I'd like to say I am most impressed with the work done on CSF, it's leaps and bounds ahead of manually editing iptables at the command prompt. Especially for someone who isn't very strong in linux. With that said..
We have a new server build of Ubuntu 10 LTS, which originally came with a DirectAdmin control panel. DA had huge issues in getting along with Webmin, so the ISP rebuilt...
As the title says, we have CSF running and successfully blocking IPs from .htaccess based login failures. We are running nginx, but we have updated the log file locations to our nginx logs and CSF is working great. IPs are auto added to csf.deny after several failed login attempts.
Our problem arises in that users can still load up the website even after their IP has been blocked. They are...
I keep noticing that the iptables service isnt running - it seems like since I installed CSF - just from a timeline perspective. Is there something I might have done wrong to cause this?
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum