ConfigServer Community Forum

People Forum, as I activate the RBL from the CSF? Thank you

I have CENTOS 5.11 i686 virtuozzo. My CSF/LFD Version is latest.

When I try to use cc_allow_filter for only US ip addresses, it will fail to start up.

Our server has been plagued with spam sent from malware on a handful of accounts. We bought CXS several days ago, but it hasn't been installed yet and we don't know why. In the meantime, I would like to execute a script to delete outgoing email from these accounts when there's a LOCALRELAY Alert for one of those accounts. So, I want to create a script to use with the RT_ACTION setting in...

I want to block normal ftp and tls ftp to anyone from outside except for those on the lfd ignore file.

Is this relatively straight forward?

Hello,

I want to be able to allow access to my main hosting website for all traffic when someone is perm banned in the firewall.
It will be easier to manage clients when they are banned via support ticket on my site.

Is this possible?

Hi

I have installed CSF on an Ubuntu VPS. It installed ok however, when i run perl /etc/csf/csftest.pl it returns the following output below.

Any help on this would be much appreciated! :)

Thanks
Andrew

Testing ip_tables/iptable_filter...FAILED - Required for csf to function
Testing ipt_LOG...FAILED - Required for csf to function
Testing ipt_multiport/xt_multiport...FAILED - Required for csf...

Im using ConfigServer Security & Firewall - csf v8.08
csf deny some IPs randomly, and i get no email from CSF for blocking that IP
It even blocks my own using IP also and it force me to go to WHM and do Firewall Restart.
and then problem resolve.

I even check those blocked IPs in Firewall Deny IPs , but i see those IPs not listed.
I dont know why this happens, please help me

sometimes my users...

Hi,

I just spun up a new VPS, running Centos 7.1 and I have installed csf 8.08.

The first installation only gave me a score something like 45/69 (My other VPS has a max score of 140!)

So I uninstalled msg using the uninstall script and re-installed...
It is worth noting that after each install attempt, CSF is listed as not running and I need to run it manually.

I am getting errors in the...

I have try to prevent sending Suspicious File Alert emails which contain:

File: /tmp/netatop-0.5/netatop.init
Reason: Script, starts with #!

File: /tmp/netatop-0.5/mkversion
Reason: Script, starts with #!

by adding

exe:/tmp/netatop-0.5/netatop.init
exe:/tmp/netatop-0.5/mkversion

to the csf.pignore file but somehow those two lines are not getting excluded from the alert emails.

Any...

Good evening, I disabled my php.ini on the line enable_dl = on = off to enable_dl.
But in the config server firewall still get a warning message asking to disable dl.
Obs. In my php.ini this off

I am getting alerts for memory usage and a user. Errors such as these are spamming my inbox:
• lfd on server: Excessive resource usage: username (13319 (Parent PID:10223))

And so forth. I changed the memory for PT_USERMEM in /etc/csf/csf.conf to 500 from 200 and issued `csf -r`. Sadly I am still getting erros about exceeding the amount of memory. Similarly I have tried to use csf.pignore with...

Hi,

Is it possible to distinguish between real hacking attempts where a series of passwords is tried and a user who has input a wrong password in their mail program?

I have business clients that travel all the time and work together out of different venues each time.
Outlook for mac has the annoying habit of suggesting that the password might be wrong each time there is any issue with the...

I am experiencing a strange issue with Csf and amazon Ses. The email sending through amazon ses works fine for few days and then it get blocked.

After restarting it works fine, how do i diagnose this ?

Unable to connect to retry in 300 seconds. An Upgrade button will appear here if new version is detected

Anyone else have this issue. Never had issue for over a year. They are white listed in the firewall.

Was wondering if someone could shed some light on this log message and tell me whether it is a normal spam assassin call that is being blocked by csf and if that is normal or is something misconfigured in csf? The dst port is 24441 which Pyzor uses to communicate with the server. I am seeing these every hour and it is quite annoying to say the least. Is there something amiss or can I somehow stop...

Recently did a new install of Config Server Firewall and performed most of the suggestions from the Check Server Security. Unfortunately in my haste, I changed something I should not have.

Now temporary/shared URL's ( are no longer accessible. Thsi means that the shared SSL certificate cannot be used and peeps are emailing me about page not found errors.

Other than changing everything back,...

Hello,

cPanel admin said my server is probably under DDoS attack.

It used the following command line to find many SYN_FLOOD

root@host # netstat -an|grep :80|grep SYN|awk {'print $5'}|cut -d: -f 1|sort|uniq -c | grep -v 1
5 106.67.111.131
5 175.143.154.42
2 197.232.245.42
3 202.69.15.64
5 208.54.39.240
2 216.123.13.109
5 76.171.160.2
5 92.97.47.199

and we used the following command...

One IP is being blocked in iptables even when I already added to the csf.allow and csf.ignore I don't know what CSF rule is doing that, because I don't find anything related to the IP in system logs. If I check the iptables I found a DROP line when the IP is already blocked. Yesterday I enabled the WATCH_MODE but I don't know how to identify the cause of the block for the IP.

Any ideas?

This...

Hi Team,

We have installed an email application (Sendy) to our virtual server.
*Added the dns names for the region for amazon
*Added user/cmd ignore list

However it is still getting banned by CT_LIMIT. We have increased this to 1000 to prevent the issue however I was wondering if there is a way we can exclude this process/user from the CT_LIMIT.

Thank you

Hello,

In file csf.blocklists, one can enable various external IP blacklists to be included in CSF.

I want to ask how many IPs is too much to be blocked?

I have around 3GB RAM free. One spare CPU core, not sure how to count how many IPs i can afford to block.

openbl.org list has around 2300 IPs

Here someone have a time to move some deny ips into an external blacklist file, not sure what is...