ConfigServer Community Forum

Hi,

Could you add an option into the csf.conf that will allow to choose which mail address must receive the alert mails.

Hello folks,

I have fallen in love with your DA plugin. This is a fantastic value added service for our Ded and VPS server customers.

I would like to volunteer to translate the DA plugin main settings and buttons into spanish.

Is this possible ? How could I do this ?

Hi Chirpy :)

I would like to NOT block people after such a mod_sec failure :
Error processing request body: Multipart: final boundary missing

How could I do that ?

Thank you !

x.x.x.x # lfd: 5 (cpanel) login failures from x.x.x.x in the last 300 secs - Mon Jan 19 20:06:44 2009

Would it be possible to know if this was an actual /cpanel or :2083 attempt vs. webmail or whm? This could help with overall granularity and deciding on what to set as permanent blocks or temp blocks, thanks.

Can You create 2-3 version of CSF as it is with cPanel?

For example: STABLE, RELEASE and maybe CURRENT.

Hello,

If found this script with download link on the website
h-t-t-p://tanchaz.hu/blockhosts/
it is originally for blockhosts en denyhost firewall solutions.

but seems simple to modifie for use with csf and lfd.
it reads the ip adresses inside /etc/hosts.deny file into mysql,
and makes it possible to view them online include a country flag.
only the way the file reading takes place seems to...

OpenVZ kernels now have the module ipt_owner virtualized so using the SMTP_BLOCK should be possible for VPSes.

I did use a vps to connect to SMTP server of a shared hosting I have and sent mail successfully by cleancode.org email tool, after this I issued:

iptables -I OUTPUT -p tcp --dport 25 -m owner --uid-owner root -j REJECT

and the same command of the last test brought:

email: FATAL:...

Any new instructions for vps new account with lxadmin would be greatly appreciated.

Hello,
Seems the csf is adding/blocking only port 25 and we have port 26 too which is causing the abuser to continiue sending:

Time: Fri Nov 21 18:34:32 2008 -0500
Type: AUTHRELAY, Remote IP - 66.201.176.126 (US/United States/-)
Count: 101 emails relayed
Blocked: Yes

Sample of the first 10 emails:

2008-11-21 18:28:22 1L3fQ3-0002O5-GH <= user@domain.com H=(66.201.177.132) P=esmtpa...

Would it be possible to add disable blocking yahoo crawler like the google one was added please

I keep getting these :

Time: Sat Dec 13 06:02:41 2008 +0000
IP: 72.30.142.91 (US/United States/llf531125.crawl.yahoo.net)
Hits: 1
Blocked: temporarily for 3600 seconds

Sample of block hits:
Dec 13 06:02:36 ns1 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT=...

hi .
i`m have server linux and use Csf firewall . but my are problem . distance, that install & config . coustomer and me can not connect too ftp server . if disable csf . can connect too ftp . mind problem is configtion that is csf. what are doing ? who connect too ftp server is time enable csf ????

Hi,

Is it possible to show the release dates in the changelog located @ ?

If you've set the automatic upgrade feature it's not always clear to what version the script was updated. It's maybe an idea to add a few lines to the upgrade log e-mail so you know, e.g. :

installed version : 4.26
updating to version : 4.28

Cheers.

I would like to see the ability to control how long logs are kept for LFD in /var/log/lfd_log and /var/log/lfd_log.*.gz . Currently it appears that LFD will only use 1 archived log file (lfd_log.1.gz) and this does not store enough log data for my purposes. I would love to be able to configure CSF to use multiple archived files or to be able to specify the number of days (or maybe weeks) that log...

Any chance to give a solution for this problem with exim logs? Spammers can do their job when this is happening. I'm using the LF_SCRIPT_ feature.

Id love to see a built in applet that would make it easy for us newbies to select and block regions of the world by IP range

My servers serve mostly a US based auto enthusiast audience.

While CSF does a nice job of of blocking repeated attacks, after getting repeated attacks from China, Tiawan and some of the stans it would be easier to simply block them entirely.

I used to use an applet...

as the function of csf.allow is to let traffic be sent to or come from a whitelisted IP, it should be able to bypass the UID/GID limit for port 25,

For example in a case we had to use a remote smtp of an off server bought mail account for the whmcs script, the off server mail account is used for redundancy, we were however unable to let anyone other than cpanel, mailman, root, mail, ... use the...

It would be fantastic if you could find the time to tweak csf/lfd to be cPanel DNS ONLY compatible?

I'd be more than happy to set up a cPanel DNS ONLY VPS for you to test on. It mostly seems to work, but throws a few errors on restarting, like Couldn't load target `acctboth' , Could not create /etc/cron.d/csf_update and exec of /usr/local/bandmin/bandminstart failed - seemingly not too...

In settings, TCP_OUT
port 2087 is missed in default configuration so cPanel feature WebDisk won't work.

Need to add:
exe:/var/cpanel/3rdparty/bin/php

cPanel moved where they have the internal PHP now :)

Would it be possible to do either of the following:

1. Log all csf/lfd blocks and removes to a database of some nature, to enable this to be queried for use elsewhere by non-privelidged accounts

or 2. Add some form of hook script to be run after an IP is blocked or removed from the blocklist (much like cpanels postupcp method)

My reason for asking is I am trying to create some form of...