It's vital that we offer 3306 remote connection as a shared hosting provider, but at the same time, we expose ourselves to constant attacks which seem to have intensified recently.
As per forums.cpanel-net/f354/do-you-allow-remote-mysql-access-157645.html (renamed forums.cpanel-net as the forum wouldn't let me post links)
Adding:
mysql mysql -e select Host,User from user where...
Im currently running csf on centos and it's running well. The challenge is those damn brute forcers trying to get in on ssh.
They are basically running 3 attempts per ip then rotating. So csf sees attempt then blocks it, however by the time it blocks, they've already rotated to another ip.
In the normal Iptables I can simply do the following:
iptables -I INPUT 1 -p tcp -s exampleIP#1 --dport...
The lfd won't start on a new cpanel DNS-Only server running CentOS 7.2. CSF installed with no errors that I could find, and the csftest.pl file shows OK for all tests.
Can anyone point me in the right direction for what might be wrong?
Here's output from the WHM Plugin page when I click the lfd Restart buttom:
Restarting lfd...
Job for lfd.service failed because a fatal signal was...
Occasionally we receive a dozen or so notifications from cPHulk that it detected a brute force attack and tried to block the IP. These messages all typically occur within a minute or two which doesn't make sense since we're set to apply a 15 minute temporary ban at first detection. Reviewing the cPHulk logs I see that iptables is often unavailable when cPHulk tries to update it....
I'm setting up a server keepalived, however they need to release the VRRP protocol, but do not know how in the CSF, and found nothing on Google for the subject. You can make this release the CSF?
I'm running csf on my debian 8 server to try to mitigate against login attacks. To give Apache and php5-fpm more memory we moved mysql to another server and I wrote additional iptables scripts to allow mysql traffic on the apache server and put them into
/etc/csf/csfpre.sh
/etc/csf/csfpost.sh
so that they would be included on startup. They are set with chmod u+x and have the required #!bash in...
While two vps are seemingly identically configured, one refuses ftp connection with the error message
port command failed and 500 I won't open a connection to 192.168.1... (only to 'external IP') and the
other works properly. What must be changed in CSF settings to make it work?
Could you please help me to understand how (and if it's possible) to make CSF always allow connection to certain ports, like 80 for instance, no matter what. For example, in case Port Scan took place and CSF needs to block this IP/range of IPs, is there a way to make sure that blocked IP will still be able to use port 80?
I have noticed with recent updates that the GUI has become less user friendly and no longer sticks with general layout of WHM. Many issues such as missing home screen navigation links, large bulky buttons and text coupled with fixed width boxes really makes it difficult to actually see anything. The new fixed width layout leaves white space on half my screen and viewing log files is painful....
Just upgraded to 9.2. On my Webmin 1.8.4 + Virtualmin 5.0.4 servers the CSF main page refreshes after 5 seconds to the system information page. I am unable to interact with CSF via the GUI since the upgrade. Is this a known defect?
I am trying to find out why i cannot access my owncloud server when CSF is running. I can use webmin on ports 10000 and ssh on 22 etc while CSF is running but apache won't serve pages over port 443 whilst its running.
Also It seams LFD cannot get out on port 80 either. I have enabled port 80 and 443 on incoming and outgoing tcp/ip rules.
Sep 19 07:01:51 BBSANFRAN lfd : Unable to retrieve...
My CSF is stopped. When I try to start it, it gives this message (It was working fine till yesterday. I did some settings changes as recommended by Server Security option. After that it wont start
trim_html is not exported by the Cpanel::StringFunc::Trim module
Can't continue after import errors at /usr/local/cpanel/Whostmgr/HTMLInterface/Output.pm line 8.
BEGIN failed--compilation aborted at /usr/local/cpanel/Whostmgr/HTMLInterface/Output.pm line 8.
Compilation failed in require at...
We are unable to reach the websites on the server when csf is enabled. Upon checking, the ip is not blocked as per lfd.log. However /var/log/messages has full of similar messages as below:.
I've had a bot or something target one of my sites which has been eating up bandwidth. Is there something in CSF I can tweak to stop what is happening below? I can manually ban the IP; however I would like the firewall to pick this up:
82.144.222.130 - - GET /120-news/administrator/index.php HTTP/1.0 500 7309 - -
82.144.222.130 - - GET /120-news/administrator/index.php HTTP/1.0 500 7309...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum