What I experience is that LFD sends emails on login failures. When there are FTP of SMTP login failures, the IP's are also automatically blocked permanently. But on SYSTEM login failures not.
We do receive the same emails from LFD on all login failures, it's just that I have to manually block all IP's related to system login failures.
Am I overseeing a setting somewhere? Please advice.
Have installed varnish cache but now notice lfd logs say mod_security rules are triggered by servers own IP address so will be ignored. Any way to get csf/lfd to list the real IPs so they can be blocked?
Hello! I hope someone can get me on the right path with this.
We have a customer who is set up with ControlScan (Axia) for their PCI compliance. The last scan resulted in a scan may have been dynamically blocked by an IPS for port 80.
I have PS_INTERVAL set to 0 in my CSF configuration, and I have ControlScan's scanning IP range but I'm not sure if I need to set that somewhere or not. I have...
Hello,
When I install php-fpm or suphp or fastcgi in diretctadmin and check server security in CSF firewall I get this:
Check php for enable_dl or disabled dl() You should modify /usr/local/lib/php.ini and set:
enable_dl = Off
This prevents users from loading php modules that affect everyone on the server. Note that if use dynamic libraries, such as ioncube, you will have to load them directly in...
Sinece several years ago, i´ve using Configserver plugins trough CPanel, However, today i have the opportunity to have a server with a different panel (ISPConfig). Looks to be good panel but i have a porblem with it.
I have installed Configserver Firewall and i thought that this would create a GUI into this panel but it wasn´t. Im not a server administrator and im not very smart...
I was wondering if its possible to run Exim spam monitoring without cpanel installed?
csf.conf does not want to recognize option without cpanel???
( how to enable LF_SCRIPT_ALERT without cpanel?? )
I'v seen this question asked as far as 2007...
Still no implementation???
I have a small question. I have my clients sites on the server and I have my own site on that server as well. I have live chat on my site. Now when some one blocked his IP say for failed login attempts for imap or POP or ftp or cPanel. Then that person is not able to access the live chat being on same server where the IP is blocked.
Now can we have something like that where I can white list...
Firstly, to explain my current set up, I have a home server with two interfaces, eth0 (public interface) and eth1 (private interface). eth1 is used for my internal network and backups.
I would like to block *all* users from doing anything on eth1, and only allow certain system users, such as root, cPanel, etc.
What would be the best / recommended way to achieve this?
Please do not...
After kernel upgrade to the version below, joomla websites in particular and rvistebuilder not load. They show timeout. Sites in joomla take about 20 seconds to load.
Linux server.xxxxxxxx.net 2.6.32-573.18.1.el6.x86_64 #1 SMP Tue Feb 9 22:46:17 UTC 2016 x86_64 x86_64 x86_64 GNU/Li
CENTOS 6.7 x86_64 standard – server WHM 54.0 (build 17)
I'm trying to add this link to my csf.blocklists file.
There is a problem however as I'm getting the following error: Unable to download: Can't connect to raw.githubusercontent.com:443 (certificate verify failed)
Is there any work around to this (there isn't an http equivalent page I can find)?
One server out of all systems is having issues with SMTP_BLOCK seemingly applying itself even though its set to 0
The server functions fine for a month or so, then randomly denies all outbound connections to SMTP only. When we restart CSF, without any configuration changes, the issue is resolved.
Please help us know where to start looking. There's no obvious errors anywhere...
Hello. I have installed CSF on a WHM 11.38.2 (build 3) server.
I am making some adjustments to server settings based on the reocmmendations in the Check Server Security options.
I've made quite a few adjustments and rescanned each time and mysecurity rating increases each time as expected.
However there are 2 options that I think I've made the suggested changes properly, but when I recheck...
On my server I have 2 IP addresses, let say xxx.xxx.xxx.xxx and xxx.xxx.xxx.yyy so what I want is to filter traffic with csf on the xxx.xxx.xxx.xxx IP and allow everything for xxx.xxx.xxx.yyy so in short the second IP xxx.xxx.xxx.yyy be completely ignored by csf and allow all the traffic.
I have tried as described here: but it is not working, the csf rules after restart are implemented to...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum