nginx and csf
-
- Junior Member
- Posts: 3
- Joined: 09 Jun 2012, 11:10
nginx and csf
Hello, I've searched around for this however have not had much results.
Does ConfigServer Firefall/LFD work with the nginx installation? Ever since I swapped over to nginx, CSF went silent on attack floods on the httpd.
What do i need to provide to help get regular expressions created for the detection of such events on nginx?
Does ConfigServer Firefall/LFD work with the nginx installation? Ever since I swapped over to nginx, CSF went silent on attack floods on the httpd.
What do i need to provide to help get regular expressions created for the detection of such events on nginx?
-
- Junior Member
- Posts: 3
- Joined: 23 May 2012, 19:53
Re: nginx and csf
I'd really like to know the same. I recently switched form Apache to Nginx and love it! Really lightweight and fast compared to Apache. Combined with PHP-FPM it really works well running my site.
One thing I don't have though is any LFD protection because, by the looks of it, CSF+LFD doesn't offer any "out of the box" supprot for reading the Nginx error logs. I know I can write my own regex for this but the whole regex thing is just a completely different language to me! I don't understand the first thing about it and I'd rather not have to learn all about it just to implement this.
What I'm actually doing at the moment is compiling a small perl script that will either run as a cron job or as a service. This will scan the nginx error log every 5 mins or so. If the log has been updated since that last read, it reads the new log lines and converts these into standard Apache v2 log format. This is then written to /var/log/httpd/error.log. LFD then scans this file as normal just as though Apache was installed and blocks any rouge IPs.
I know this may seem like a bit of a long winded work-around but until CSF supports nginx in its standard regex, I think it may be the best solution. I must stress that I haven't tested this script yet, in fact I have only just started writing it but fingers crossed it will give good results. I'll just start passing 403 and 404 errors to start with and see how it goes.
Any update from the CSF guys on whether nginx is likely to be supported in the near future would be greatly appreciated.
Cheers,
Chris.
One thing I don't have though is any LFD protection because, by the looks of it, CSF+LFD doesn't offer any "out of the box" supprot for reading the Nginx error logs. I know I can write my own regex for this but the whole regex thing is just a completely different language to me! I don't understand the first thing about it and I'd rather not have to learn all about it just to implement this.
What I'm actually doing at the moment is compiling a small perl script that will either run as a cron job or as a service. This will scan the nginx error log every 5 mins or so. If the log has been updated since that last read, it reads the new log lines and converts these into standard Apache v2 log format. This is then written to /var/log/httpd/error.log. LFD then scans this file as normal just as though Apache was installed and blocks any rouge IPs.
I know this may seem like a bit of a long winded work-around but until CSF supports nginx in its standard regex, I think it may be the best solution. I must stress that I haven't tested this script yet, in fact I have only just started writing it but fingers crossed it will give good results. I'll just start passing 403 and 404 errors to start with and see how it goes.
Any update from the CSF guys on whether nginx is likely to be supported in the near future would be greatly appreciated.
Cheers,
Chris.
Re: nginx and csf
We'll consider it for the future.
Re: nginx and csf
I know it's only been a couple of months, but has this made it onto the radar yet? I really like the speed boost nginx gives (along with varnish), but I get the following message
and from other things I've read, it seems like LFD doesn't work with nginx (?)atlanta lfd[23996]: STATS: Unable to retrieve Apache Server Status [http://127.0.0.1/whm-server-status?auto] - Unable to download: Not Found
Re: nginx and csf
So, LFD still does not work with Nginx? Is it?
Re: nginx and csf
Any news on nginx support? Thanks.
Re: nginx and csf
Just as a side note to fix this issue you can do the following:darkroast wrote:..but I get the following message
atlanta lfd[23996]: STATS: Unable to retrieve Apache Server Status [http://127.0.0.1/whm-server-status?auto] - Unable to download: Not Found
- Open WHM and CSF
- Edit Firewall settings
- Locate the PT_APACHESTATUS setting
- Change value to: http://127.0.0.1:8081/whm-server-status
(Assuming your Apache port is 8081.. Adjust as required)
Re: nginx and csf
Any progress on support for nginx?
DA file locations:
/var/log/nginx/error_log
/var/log/nginx/domains/*.error_log
DA file locations:
/var/log/nginx/error_log
/var/log/nginx/domains/*.error_log
Re: nginx and csf
Found this on Google and was hoping to find nginx support. I'd rather not have to use fail2ban on top of the awesome CSF, where can one contribute code to add functionality?
Re: nginx and csf
CSF already supports nginx.