ConfigServer Community Forum

Hi, is it possible to disable permanent block in CSF ?
I would like to use permanent manually and the rest rules of csf use tempban, it it possible ?

Thank you very much!

Hi,

After running the subject line command. It appears to have takenm down the network. How can I bring it back up.
Refence post from WHT.

Thanks
frank

Hello,

I'm receiving a lot of spam from Germany and need to know if blocking this country in the country code deny of csf it stop the spam.

Awaiting replies

Regards

Hello all,

I've seen on the forums that I could block a Slowloris attack using Port Flood and Connection Tracking options.
What's the recommeded configuration for those options to correctly block the Slowloris attack?

Thanks a lot,
Rogerio

Hello all,

I've enabled statistics gathering on CSF, and it seems to be working on my Centos 6.3 with webmin.
But how do I view the statistics? Is there any interface for them?

Thanks
Rogerio

Hello all, I have CSF v6.07 on a VPS and have been receiving suspicious process emails pertaining to one of my websites. I can't figure out if there's a good way to whitelist these, the following details having been changed slightly to protect the innocent:

---------Begin Email---------

lfd on #host#.com: Suspicious process running under user #user#

Command Line (often faked in exploits):...

Hello

We have a problem with dumb users from a web agency and they always block their ips with wrong usernames or with conection limit. I tried many ways increasing limits but no luck with those guys...

I was wondering a way to disable CSF auto blocking and just use csf as primary iptables ruler, to just block ports and allow some ips for full access to the server. In other words, I dont want...

Hi all,

Does any one know if csf firewall changes the file rights of wp-config.php to 600 or does some thing with file rights ??

For a period now we notice that on 1 server the wp-config.php file rights get changed to 600 and we are unsure on how it happens csf is the only scanner we have running next to the control panel (Direct admin) .

Our /var/log/messages is full of entries like this:

Sep 22 04:52:05 apogee named : client 62.6.40.178#48758: view external: query (cache) 'homefarmland.com/MX/IN' denied
Sep 22 04:52:06 apogee named : client 24.197.239.154#52579: view external: query (cache) 'homefarmland.com/MX/IN' denied
Sep 22 04:52:07 apogee named : client 74.125.181.25#65069: view external: query (cache)...

The CSF control panel page in WHM on my server is just empty after cPanel upgrade (11.32.2.15) last night.

I would like to know if I turn on Distributed SMTP Logins , but I have 3 IP addresses already whitelisted in the lfd.ignore area, if it gets triggered, would it ignore the whitelisted IP's for this check?

I just want to make sure before I turn it on.

After upgrading to WHM 11.36, I'm getting email alerts regarding excessive resource usage with Squirrelmail, for example:

Resource: Virtual Memory Size
Exceeded: 231 > 200 (MB)
Executable: /usr/local/cpanel/3rdparty/php/53/bin/php-cgi
Command Line: /usr/local/cpanel/3rdparty/php/53/bin/php-cgi /usr/local/cpanel/base/3rdparty/squirrelmail/src/right_main.php

(in addition to right_main.php, we...

This morning I opened a ticket with our server provider because our server was down, and even though it would come back up after a reboot it would go down again within a few minutes. They claim this is because the server was under attack and running out of memory, I've provided their evidence below. I manually blocked the IP address in question in CSF immediately after rebooting the server again...

Getting the above on all configserver apps (since a recent whm/cpanel update)

ConfigServer Mail Manage
ConfigServer Mail Queues
ConfigServer Explorer
ConfigServer Security&Firewall
ConfigServer eXploit Scanner

cPanel 11.25.0-R42213 - WHM 11.25.0 - X 3.9

Hello, and thank you for building this tool that I completely love.

I've been experimenting with Port Knocking and it works perfectly, but just for opening one port server-wide.

Is there a way to define multiple ports to open or different sequences for different ports?

For example: I have a server that acts as a Webmin controller for other servers, and also as a SSH proxy to the same servers....

Hello,

i'm installing a script and it ask me to open port , just as in below :

Due to Facebook policy changing, you should open port 5222 on your Firewall to make Contact Importer work.

how can i do this please ?

wish you help me please kindly

thanks

Hi all,

I'm using a global deny list from Stop Forum Spam and am keen to use their Last 30 days list that is just under 129,000 IP's (quite a beast).

It would provide a good level of protection for me, but am I safe keeping my actual max deny IPs set to the last 100 (default) but having a hard coded list this large? Or will a list this large cause issues. I'm loading it from a .txt file every...

I'm getting this error message back from lfd.

SPAMHAUS: Unable to retrieve spamhaus block list - Unable to download: Bad Gateway

Is anyone getting the same message? If so, what to do about it ?

Thanks.

Pete

Please guide me how to close one or more ports of server by CSF?

Thanks.

How to make CSF react on additional lines in my secure log, such as:

Mar 19 13:28:49 host webmin : Invalid login as user1 from 1.1.1.100
Mar 19 13:34:12 host webmin : Non-existent login as test from 1.1.1.100

How could I block those who failed logging in to Webmin for more than 3 times?

Mar 19 13:35:11 host webmin : Successful login as root from 1.1.1.100
How to send an alert email for...