ConfigServer Community Forum

Thanks mbrando!

We ended up switching the user's DNS back to their domain registrar, so they can manage it, but I'll give this a shot!

Hey guys,
Is there a way to open DNS queries (port 53) globally, while still using CC_ALLOW_FILTER = US,CA for the rest of the ports?

We have some customers who's mail is getting blocked because servers outside of US/CA can't query the DNS to get the MX entries.

The issues seems to have resolved itself after 4 days. Does anyone know if CSF has as mail queue? I had changed the above settings several times, and restarted CSF+LFD several times but continued to receive notifications. Now they have finally stopped.

We are constantly receiving "Excessive Resource Usage" emails, example: Time: Sun Jan 16 10:10:34 2022 -0700 Account: <useraccount> Resource: Virtual Memory Size Exceeded: 514 > 512 (MB) Executable: /opt/cpanel/ea-php74/root/usr/sbin/php-fpm Command Line: php-fpm: pool <account> PID: 1446 ...

@sergio - I'm sorry, but this is a terrible solution because it doesn't solve the problem. How do you STOP LFD from sending them in the first place?

This is also happening to me. I have even set PT_USERMEM above what LFD is reporting and I still receive false positive emails. How can we fix this?

Hey Kdub, no - I have that working correctly - thank-you though.

I just realized what I did wrong, I forgot to remove the entries from TCP_IN, and TCP_OUT! This config works now:

TCP_IN: <empty>
CC_ALLOW: US,CA
LF_IPSET: on
FASTSTART: Off

Thanks again for your help!

Cheers,
C.

RESOLVED: I forgot to remove the ports from TCP_IN My working config is: TCP_IN: <empty> CC_ALLOW: US,CA LF_IPSET: On FASTSTART: Off -- It would be helpful if you also included the same instructions from CC_ALLOW_PORTS_TCP: "All listed ports should be removed from TCP_IN/UDP_IN to block access...

Thank Kdub, I'll try without IPSET to see if that helps. I have CentOS7 so I don't really understand what the issue is.

Are you using cPanel or Plesk? They have great migration tools, I was able to migrate all of my clients to a new server with those

Hey guys, I'm having the same issues - simply trying to block all access to the server except for US,CA, so in CC_ALLOW I have it set to: US,CA (+using LF_IPSET) - but I still get attacked from outside those countries. What is the point of using CC_ALLOW if it doesn't work?