Please add csf.deny.bak function when we press `Flush All Block` button. Because no any warning for faulty pressing. Today I lost more than 4000 bad IP address.
I think it would be amazing if we could have advanced port filtering for csf.ignore file. I prefer to use this sparingly if not at all since it ignores all activity from an IP, but all too often we get requests from customers that cannot figure out which email client is causing them LFD blocks and want us to add their IP to csf.ignore. I provide the warnings about making sure all devices on...
It has become standard to block bad API calls with a 400 status.
With MVP architecture so prominent on the web, it has become commonplace to build everything as an API (for AJAX to serve the front end of a website).
Our API endpoints, especially login endpoints, constantly get bombarded with SQL injection attempts. These requests fail with a 400 Bad Request status.
There has been recent exim 4.95 changes made which.smtp transports rfc compliant:
It based on RFC 2822 / RFC 5322 (Internet Message Format).
2.1.1. Line Length Limits
There are two limits that this specification places on the number of
characters in a line. Each line of characters MUST be no more than
998 characters, and SHOULD be no more than 78 characters, excluding
the CRLF....
Hi, I'm new to the forum and was clicking around a few of the pinned topics, and noticed that at least one has a dead link:
The link at the bottom is but I assume the forum migrated at some point to the new link format with viewtopic.php instead. Substituting viewtopic for showthread in the link pulls up what appears to be the correct link.
Maybe the DB could be search/replace for this to do...
We're running Interworx servers with qmail and have noticed that submission-logins aren't being blocked. Below is what the log entries look like in dovecot.log
Now that Rocky Linux is at an RC1, I'd like to ask about getting officially supported by CSF as a distribution, similarly to RHEL and CentOS. It is built off of the RHEL source code, and is aiming to be binary compatible with it. i.e. if it works on RHEL and CentOS, it works on Rocky.
If someone could let me know what would need to be done in order to reach that goal, I would be very...
Hello
WireGuard and Tailscale becomes used alot.
If I make no mistake anabliing it needs setting up things outside of the CSF UI or standard cfs.conf
Suggestion : integration as a checkbox option in the UI or config
Thanks
Best regards,
Yves
Suddenly csf stopped working because one table in iptables was missing. Then, it created a file csf.error and poured in some smart detection text to tell the admin, why and how he could be smarter. My server remained exposed for more than six hours. I could only notice when I tried to block an offending IP in the cluster and the affected csf installation refused to connect.
I suggest that if it's possible to add an option in the CSF to block the desire email address only on many wrong SMTP/IMAP/POP3 logins instead of blocking the whole IP , in both directadmin and CPanel . It can be an email address suspension with a notification email .
Since the current blocking the whole IP causes all other company employees under the same IP to be blocked also , and...
I have private custom ipset-managed blocklists on my system that get wiped out whenever csf is restarted,because, of course, csf is unaware of them. This poses a management problem.
Is there some way to inform csf of the existence of these ipsets? I am only aware of the support in /etc/csf/csf.blocklists, which is geared entirely to public lists dowloaded from external URLs.
CSF is great but I'm missing a LF_TEMPBLOCK_ALERT = x option.
You can use the LF_EMAIL_ALERT or LF_PERMBLOCK_ALERT options, but since permblocks won't be automatically removed (normally) and I do want to be alerted about other options (which I guess more people would like), the tempblock option is missing.
Temblocks will be removed automatically and generate a lot of email alerts, which in a...
We're 2 years further now and with Centos 8 this is really starting to get interesting.
In fact it lies in the netfilter's idea's to in time replace iptables with nftables.
Are there any plans from configserver to create a CSF firewall which works with nftables? Any insights on this?
These are from exim_mainlog:
2020-02-26 17:50:18 dovecot_login authenticator failed for ( ) :49078: 535 Incorrect authentication data
2020-02-26 17:50:20 dovecot_login authenticator failed for ( ) :43772: 535 Incorrect authentication data
2020-02-26 17:50:24 dovecot_login authenticator failed for ( ) :19374: 535 Incorrect authentication data
2020-02-26...
Hi fan of the product and thanks for offering it for free !
I had just a question/suggestion is it possible to list the ports separate from the config.
Or a port per line?
To have to go into the whole config to open ports is a bit confusing and the overview is lost since there is no order in the text line it allows for easy mistakes.
It's not a biggie just wondering if it can be formatted...
I think it would great if we could use cPanel API tokens to have servers share their deny/allow rules or deny IP list with others servers in a cluster of servers since attacks often travel along IP ranges and what not.
Maybe a caching system that you can set the frequency of deny IP sharing.
I think it will be a long time before counties are assigned IP blocks :) so you may want to change the spelling to 'Country's' on the config file for CSF:
An example would be to list port 21 here then counties listed in
CC_DENY_PORTS cannot access FTP
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum