I have CSF configured to block SMTP Auth attacks, syntax errors, and POP3/IMAP access attempts. However, none of those appear to be being blocked at present and only SSH attacks appear to be blocked. I've double checked my configuration and it appears to be correct, but it's like CSF is ignoring it. I installed the software with CPanel but that shouldn't be the reason for that I wouldn't think....
Hello to all,
For the last few weeks, when I try to install a WordPress from a cPanel account, I receive this error:
WordPress was installed with errors:
Downloading and unpacking
Impossible to download pack 6.7.1 from
If I stop or restart CSF, it work for a few minutes, but then block again.
In TCP_IN and TCP_OUT, ports 80 and 443 are listed.
Hi, bit new to using ConfigServer and wondered how I can change the sensitivity of the IMAP filters to allow for more failed IMAP login attempts or change the time period.
We are getting quite a few genuine logs attempts but they are failing after 10 attempts.
Is there some setting that after a certain time period can automatically Unblock the failed IP address trying to login to IMAP.
So the...
hello I receive always ldf email alerts tons of.... 500 alerts and mor at day
i've tried many solutions PT_user =0 , disabling email alerts on csf.conf
put some process in csf.pignore
tried all solutions founded on the web but nothing works
always tons of email with alerts from lfd
i have plesk and linux so not a gui not cpanel but all commands via ssh
I cannot filter email to not send via plesk...
| SYSTEM INFORMATION||
|------------------------------|-------------------------------|
|OS type and version|AlmaLinux 9.5|
|---|---|
|Webmin version|2.202|
I will likely post this also at the Webmin forums, but just in case it's relevant here, I saw a number of errors and if CSF supply the Webmin install template, a small layout issue after following the...
I have been trying to configure CSF and Docker under a Plesk server. There are many posts in forums reporting that when Docker creates a NAT redirect to certain port, that port is exposed to the entire world.
I tried to use this csfpost tool but apparently It hasn´t worked.
In some way, installing netfilters tool for saving iptables rules I have managed to store a set of iptables rules...
In searching here I was unable to see whether CSF is compatible with nftables. I only found info on iptables-nft.
My application is cPanel servers running Almalinux, on which firewalld is installed and running on nftables. My question is simply will CSF drop in to that system and run fine? (I would assume yes, that nftables is fully supported, and that no tweaks are needed. But I didn't find the...
Can someone provide a regex that handles this line in /var/log/secure? I tried a couple of things, and don't seem to get it, even trying to copy and adapt one that's already there. Here's the line:
Nov 11 13:00:01 boston systemd : pam_unix(systemd-user:session): session opened for user root(uid=0) by root(uid=0)
I have blocked the IP address 128.245.64.22 in CSF:
Table Chain num pkts bytes target prot opt in out source destination
No matches found for 128.245.64.22 in iptables
IPSET: Set:chain_DENY Match: 128.245.64.22 Setting: File:/etc/csf/csf.deny
Permanent Blocks (csf.deny): 128.245.0.0/16 # do not delete
Hi,
LF_APACHE_404 not working on cPanel with litespeed.
HTACCESS_LOG is setup with /var/log/apache2/error_log but not working
I've inserted custom regex but no work.
Can you help me to build custom 404 regex on cPanel litespeed?
I have an issue because every day I receive from lfd information about overload my server and logs shows me many connections from Microsoft adress IP. Manual block IP isn’t good because every day is another IP. In Csf I have set two parameters: CONNLIMIT 80;50,443;50 i PORTFLOOD 80;tcp;100;60,443;tcp;100;6 but it doesn’t work. Could you give me any suggest how to resolve this an issue?
I've recently setup the emails for csf/lfd and I started getting tons of emails coming through, but most of them appear to be false positives.
I've added the following rules to csf.pignore but they don't appear to be working as the emails for the very same reasons are still coming through even after restarting both CSF and even the entire server....
We are running new cPanel install on AlmaLinux via Lightsail Instance.
Configuration:
Access to WHM and cPanel is limited to single static IP
SSH port remains as 22
SSH root login disabled
The following services are enabled and working:
MySQL is bound to 127.0.0.1
2-factor authentication for WHM
Security Advisor: all in ‘green’
ImunifyAV: No malware found in scans...
Due to some requirements, I can't use PT_USERKILL to kill process over PT_USERTIME / PT_USERMEM, I need to use custom script in PT_USER_ACTION to perform advanced checks.
However, I've seen that since I switched PT_USERKILL to 0, I keep receiving Excessive resource usage emails, no matter if PT_USERKILL_ALERT is set to 0 or 1.
How can I disable the Excessive resource usage email without...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum