ConfigServer Community Forum

Getting thousands of these a day from hundreds of IPs mostly from China Telecom and a few other countries. I've just been manually denying IPs and various CiDRs.

Anyone ever come up with an automatic CSF solution to detect and block these.

Thanks. That got rid of the error.

I'm seeing the same error since my resolv.conf is also immutable. What issue are you having with the csf.allow entries? Just wondering if I'm having a problem there as well.

But that list gets pruned from the top when the limit for the deny list is reached, which prunes the oldest. If they're no longer in chronological order, that would really mess things up.

Weird. Have you tried restarting apache as well to see if it makes a difference?

Try revising your exe line to include the first slash, so:

exe:/usr/sbin/httpd

Also, I read the changelog for the new releases and it should mention you need to manually edit the URL if that's going to be the case rather than just:

"Modified TOR URL in /etc/csf/csf.blocklists to use:" which to me says it's modifying my url as I was expecting.

Seems a little lacking in forethought not to update existing urls. The urls come with csf, so one would think they should be maintained by csf so when people like myself to decide to activate some more blocklists and have them immediately not work.

Revise your TOR line to read: (remove the space after torproject and TorBulkExitList - forum won't let me post links) TOR|86400|0|http://check.torproject .org/cgi-bin/TorBulkExitList .py?ip=1.1.1.1 The recent csf update was supposed to change this but it hasn't for some. See the other thread about i...

To also clarify, mine is CentOS 6.4 cPanel 11.38.1.6 dedicated server with many previous versions of the firewall installed.