ConfigServer Community Forum

Just noticed Ubuntu 20.10 seems to have nftables as default, replacing iptables.
https://discourse.ubuntu.com/t/groovy-g ... otes/15533

Just installed on a new Ubuntu 20 desktop. It turns out that Ubuntu has the iptables binaries in /usr/sbin/ now instead of /sbin/ . On installing csf with the install.sh script, it failed to pick this up and the iptables locations in the csf.conf file were left as /sbin/ When these were changed manu...

Another thought occurs to me. There are actually two different whitelist files used
csf.allow is used by csf to build the iptables rules.
csf.ignore is used by lfd
So maybe you actually need to add the IP addresses to csf.ignore instead.

My advice would be to go to the logs and see exactly what is triggering the block. It could be any number of things, but the log will tell you why that IP is being blocked. Once you've determined that, your options would be a) increase the threshold of blocking, b) remove the LFD check completely (u...

For a start he should be performing the penetration test as a hacker would see the server. Which means that he shouldn't have requested you to whitelist his IP address, in my opinion. But as CSF is blocking IP addresses by assessing from the logs how often they hit the server, it still means the por...

That would be my reading of it. The IP was suggested as a candidate for blocking by the mod_security module, but then csf refused to block it as it was in the allow list. In your conf file you'll see a line MODSEC_LOG = "/var/log/apache2/error.log" So that's where lfd is looking for that i...