ConfigServer Community Forum

Hello,

I´ve just installed csf on my WHM Server, and was wondering how many ips can I limit on the filed DENY_IP_LIMIT so it doesn´t consumes too many memory.

Thanks in advance

bug with file /etc/csf/csfpre.sh

I used file /etc/csf/csfpre.sh for some instructions for iptables. But near one in 3 days additional instructions was vanished from output of command iptables-save . If I restart csf -r additional instructions return in output of command iptables-save . Is it bug?

Hi Guys,

I',m running centos 7 and directadmin with csf.
I cannot seem to get mysql-safe excluded.
The following message keeps comming:

Time: Thu Jul 27 09:27:10 2017 +0200
Account: mysql
Resource: Process Time
Exceeded: 2201401 > 1800 (seconds)
Executable: /usr/bin/bash
Command Line: /bin/sh /usr/bin/mysqld_safe --basedir=/usr
PID: 946 (Parent PID:946)
Killed: No

In csf.pignore I've added the...

Dear professionals I need your help.
How to security solve this task?
One of my clients need to send e-mail from web form. He uses smtp.office365.com.
If I add nobody to SMTP_ALLOWUSER, he can do what he wants.

No I wander if is't ok to add nobody to SMTP_ALLOWUSER?

Wasn't it better to allow connection to smtp.office365.com?
If yes, how to add host name (instead of IP) into allow list?

Recently installed (2/3 days ago) CSF on Ununtu 16.04.

I can log into the UI. However it will randomly stop responding. The web page comes up as not responding and I have to restart lfd I order to be able to log in again. As far as I can tell the services are running it's just the UI not working.

Before I log in successfully the process lfd UI is running. Once the webpage stops working the...

You can only whitelist by IP.

Hello,

I have CSF installed and updated to version 9.26 on a Centos VPS. Currently my CSF status Firewall Status is Enabled but Stopped. When I try to start the Firewall, I get the error iptables: Memory allocation problem and Error: FASTSTART: (TCP_IN IPv4) [] . Try restarting csf with FASTSTART disabled, at line 4904

I am new to using CSF and do not understand how to resolve this issue in...

Hello, since a few months back I've been having problems with the lfd service, I tried fixing it myself but was unable to find the error, I resorted to stopping the monitoring of this service since it would spam emails every 5 minutes alerting me that it was down.
But every time cfs updates the monitoring updates and re-enebales lfd monitoring, so 100s or 1000s of emails again.

I wish to ether...

I manage a few hundred endpoints, I want the endpoints to upload their back up log to a dedicated cpanel account.

When the computers log in, they upload their logs and get blocked by csf distributed FTP Logins on account

Is there a way to not monitor distributed attacks on a particular account?

If the managed endpoints are using proper FTP credentials, why are they being blocked?

We want to have our own custom blocklist file at and include it in csf.blocklists on all our servers.
Is the following an acceptable format for csf.blocklists?

tcp|in|d=80|s=46.229.160.0/20 # flooding ADVANCEDHOSTERS-AS NETHERLANDS - do not delete - Sat Apr 22 03:54:23 2017
tcp|in|d=80|s=51.254.0.0/15 # flooding OVH SAS FRANCE - do not delete - Sat Apr 22 03:54:23 2017...

How to exclude in csf ignore file such process:

Account: maximus
Resource: Process Time
Exceeded: 1971104 > 1800 (seconds)
Executable: /usr/local/cpanel/bin/jailshell
Command Line: jailshell (maximus) hell -c /home/maximus/maximuscron.sh

Hi,

My website domain email logos are broken in the gmail due to google image proxy server blocked in my firewall.

I didn't see any blocked ip's in firewall related to google image proxy server.

Logos are coming good when i disable the firewall.

Please help me in solving this issue.

Thanks,
Ramesh

Say I have a server which only needs to be available to a very short set of countries.
Do we have to set csf.conf to explicitly specify EACH country in CC_DENY and CC_ALLOW ?

CC_DENY=
CC_ALLOW= US,GB,IE

... or is there a much simpler way ?

Hello,

having trouble with ROOT login to WHM, cfs is blocking SSH access so I can't change pass.
Can boot with rescue system, need help do disable CFS or allow my IP via rescue SSH.
OS: Centos 7.3 // WHM 64.0

anyone please help/instructions, tnx.

VPS
Debian 9 minimal install
LFD gives error: Failed to connect to bus: No such file or directory

CSF Enabled and Running

No CSF or LFD logs created or found in /var/log/

NO CPanel install

Google search of Failed to connect to bus: No such file or directory returns no related info.

Tried to figure out if the minimal install is missing some packaged needed for LFD...?

Is no one running...

Hello,

I use csf with cPanel(up-to-date) and set CC_ALLOW worked for about one week and after that started to block IP-s from the country specified at CC_ALLOW. This behavior happened on two independent servers with the same architecture.
I think is not normal. What do you think?

Istvan

I searched but not sure I'm searching for the proper thing. I have one customer that has more than 30 users using email. They constantly are kicking off the firewall and I have to reset it.
Is there a way to restrict the firewall from blocking people using one domain on the server?
I understand this could cause trouble.

Does anyone have a working set of rules they use with CSF to help reduce impact from repeated login attempts on WordPress?

These attempts take place with /xmlrpc.php (multiple attempts in one post) and /wp-login.php (single attempt). Often one IP will try many, many times (eg yesterday, 3000 in 2 days).

It would help a lot if CSF was able to auto-block them with some built-in solution; far more...

Hi,

I'm looking for a solution/workaround NOT to block ip addresses from country ABC when hit by lfd (fx login failures, etc.)
Are there any easy way?

I have been looking at
Which can generate a list (not sure if it's complete, but that's ok) of CIDR for Whole country. But the list will naturally be QUITE long. So I fear that it will have performance influence when putting list of 100000s...

best,

in how far can we redirect blocked ip to other server,
so we can tell wy whe has blocked the user ip and what see can do

now when ip is blocked, see don`t now anny thing, then ony default page from the brouwser it self