ConfigServer Community Forum

Hi,

I'm receiving the following error: Executable [] invalid - when attempting to search or watch system logs through CSF in the cPanel GUI. Is there anywhere that I can look to get more information as to what's actually invalid so that I can look to rectify this?

Running csf v8.03 on CentOS 6
Cheers

Hi,

I'm starting a new VPS and keep rebuilding it. Now my host changed some things. In the beginning cPanel/WHM 11.50 with CentOS 6 was installed and I had no troubles running csf. But recently my host changed it to CentOS 7 and now I have trouble running csf.

I don't have any trouble downloading and installing it, but it won't start and when I check for errors I get the following:

Can't...

How do we turn OFF the empty log notification reports?

To: root@
Subject: lfd on : Log Scanner Report for 10:00, (lines:0)

...No log lines to report...

I get these every hour or so, can this email be disabled somehow when lines=0

Earlier today, I started getting a large number of emails about blocked distributed smtpauth attacks on my email account.

I was unable to authenticate and my IP ended up being blocked too, even though I was using the correct password.

I've implemented SMTPAUTH_RESTRICT as per the instructions in the CSF readme.txt, and also set CC_ALLOW_SMTPAUTH to only allow connections from GB.

Rather than...

Hi,

I would like to know if I can change the action of BLOCK to DROP in cpanel csf? This is due to currently there is web service outage happening once in a while in my cpanel and after cpanel support checked, they suspect that csf firewall may be the cause of problem and suggest us to change the action from Block to Drop. Below are some log records example that they found in cpanel messages...

I'm using a script with the lf_script_action trigger. In the script I'm attempting to call clamscan. I have written the script correctly as far as its functionality, and I can run it from the command prompt manually passing fake input to it and it works, but when csf runs my script the clamscan fails. I'm unable to figure out why though, and hoping for some insight from the csf side why it might...

Unable to connect to retry in 300 seconds. An Upgrade button will appear here if new version is detected

I cant see it in directadmin

Hi,

Is it possible to run CSF security report in SSH and either output it or send it to a file, as I have no control panel?

Thanks,
Gaz

Hello Guys !

I got a situation here: I installed a brand new server (CentOs 6.4 x64 - converted to CloudLinux) and after I installed csf firewall and it takes at least 3-5 minutes to restart. I saw that bandmin stops csf to restart very fast. In other servers this never happens and I don't know why. Also another thing is when the server reboots, it tooks a lot (~5 minutes) for bandmin to restart...

Is it possible to disable/set SMTP_ALLOWLOCAL to 1 but still allow webmail (Horde and Roundcube) usage? I have a particular account which has its wordpress constantly hacked even with auto-updates which I would like to just disable use of smtp_allowlocal altogether. It does have valid email accounts which are heavily used through their email software which eliminates many of the other options....

Hi

In csf I have this line UDP_OUT = 53,113,123,19567:19600
but I keep getting this in logs
Jul 16 23:03:52 xtest kernel: Firewall: *UDP_OUT Blocked* IN= OUT=eth0 SRC=x.x.x.53 DST=x.x.x.139 LEN=86 TOS=0x00 PREC=0x00 TTL=64 ID=62088 DF PROTO=UDP SPT=19567 DPT=10002 LEN=66 UID=1000 GID=1000

Any suggestions will be appreciated thnx

I installed CSF (8.01) on my new Debian 8 server. However, I am unable to start the csf service when IP6 is enabled in the csf configuration. I get the following error:
ip6tables v1.4.21: can't initialize ip6tables table `nat': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.

Here's the full output from the restart:

Restarting csf...

Flushing...

One of our servers has just upgraded itself to CSF v8.0 and as far as I can tell, nothing specified in /etc/csf/csf.allow is being allowed anymore.

I can see the actual rules have been created properly in the ALLOWIN chain and I can see that the ALLOWIN chain is being called from the LOCALINPUT chain, but traffic is never making it into the LOCALINPUT chain in the first place.

From what I can...

Sorry if this has been discussed before - I tried searching using a few different terms. However, I'm getting grief from my hosting provider about the number of emails my VPS is sending. By far, the largest amount is coming from CSF/LFD alerts.

I'm was trying to find a configuration option to send one daily email with all alerts instead of individual alerts, but I wasn't able to see anything...

Hello, I have a Debian 8 VM (Jessie) running on Xen, I can not get it to block port scans.
I have set
PS_INTERVAL = 100
PS_LIMIT = 10

All other functions seem to work fine.

/etc/csf# /etc/csf/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK...

Hi All

I started getting this message on a cPanel vps after setting up a few accounts (I am the only one accessing this vps)

Time: Mon Jul 13 13:05:49 2015 +0100
File: /tmp/index.php
Reason: Script, file extension
Owner: falcon:falcon (500:500)
Action: No action taken

I have looked in the user falcon > root > tmp folder but it does not contain an index file.

I am currently get this message...

Hi,

I purchased and installed CSF and now I am facing issue with my ftp connection, FTP gets connected but files do not get uploaded and show no progress, says 0%. I turned off firewall and its now working.

Can anyone help me please?

Hello -

I am getting a lot of alerts of individual IPs that are being blocked even though I have a CIDR block setup to deny the block that would included the IP that is being blocked. I love Configserver and like that it is mostly working, but all the individual blocks are making me increase my Deny limit. This has been happening for several months now and I am running the latest version. Any...

I am trying to be passed for pci compliance by trustwave.
I set:
IGNORE_ALLOW = 0 and add their IP(s) to csf.ignore

But they are being blocked. Explanation from them is so:
Desc:
During the course of the scan, TrustKeeper detected an unidentified protocol on common web ports. In some cases, this may be caused by network security devices actively blocking the vulnerability scan, which it may...

After upgrade to latest version LFD stopped working on one server only...

This is the error reported in the lfd.log...

: Can't use string ( 31.8.173.147 ) as a SCALAR ref while strict refs in use at /usr/local/csf/lib/ConfigServer/CheckIP.pm line 33.
: daemon stopped

I tried to force update CSF, restart LFD multiple times, but it always die after 30 seconds.

Can someone please help with...