Sorry to re-open an old thread but it's related, I added several IPS to the csf.ignore file and this seems to not work as these ips still get blocked by these exim syntax errors. Is there another file I need the IPS in so they are not blocked by CSF?
Thanks
Currently on up to date version V14.19
A few weeks ago I received an email stating that I'm sending requests to rather than for MaxMind database downloads and that in the coming months http is going to be removed.
I believe CSF is doing the http requests to Maxmind as I just checked and found the following:
I know this is my first post here, however I must do it since there is no support for CSF on Help Desk. Long story short I have a few ARM64 servers with AlmaLinux, Alibaba Cloud linux, Ubuntu 22; and CSF and LFD does not function properly. For instance, the CSF service on all of them:
I'm inquiring about the possibility of utilizing CSF to block all bots while allowing an exception for Google bots. Google has kindly provided us with a list of whitelisted IPs at the following links:
Googlebot IPs:
Special Crawlers IPs:
User-Triggered Fetchers IPs:
Google IPs:
I've attempted to research this on various forums but haven't been able to find a solution. Most...
Hello. We have a server with CSF that is not logging iptables blocks to var/logs/messages. Last iptables logs are from december. I tried to restart CSF but not works. I compared CSF configuration with other server that logs iptables well, but there is no differences.
I am using CSF on Debian 11 server, I installed Wazuh agent and I opened ports 1514 and 1515 in TCP OUT in csf.conf and in csf.allow
restart the CSF by csf -ra, also I used csf -f m but the ports still clocked and I see this in syslog
Aug 24 11:46:16 dns kernel: Firewall: *TCP_OUT Blocked* IN= OUT=ens5 SRC=172.31.31.157 DST=X.X.X.X LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=48959 DF PROTO=TCP...
I have 3 servers, the master-server knows of the slaves, the slaves do not know about each other, but they do know about the master.
When i send a csf -cd xxx.xxx.xxx.xxx from one of the slaves, the master-server blocks the IP but does not sync it on the other slave.
How do i configure my servers, so that if i send a csf -cd from one slave to the master, the master then syncs it to the other...
Since latest Ubuntu update (23.04) I've noticed that CSF stopped working correctly. I didn't notice any temp nor perm IP ban. There is also no mail notification about that, but in logfile I see that there is many same connections which are refused after some time/connections. I'm really not sure WHERE is the problem, because before update all seems work well. There is no new changes in...
Hello, I have seen other systems using csf and when your password is incorrect a certain amount of times it brings up a ban screen which you can then complete a captcha to unban. I have enter my captcha details and tried everything I could find on the web nothing works, currently when i get banned I just cant access my whm cpanel or server etc but I cant unban myself. Does anyone know why this...
I was trying to figure out why changes to blocklists and firewall configurations didn't seem to be taking effect. After digging into it more today, I think I have found a potential bug.
When restarting csf and lfd through csf -ra or through the web interface, the web interface reports back that CSF and LFD were restarted, however when checking the service status with systemctl status lfd.service...
Suppose my server IP is 1.1.1.1. I have script in servers like 2.2.2.2 and 3.3.3.3 that they connect to 1 every 10 minutes. I'm receiving SSH alert email every 10 minutes.
I didn't find a way to exclude the 2 and 3 IPs so that there won't be emails from them.
I should mention that accessing to servers are limited to specific IPs, so I don't worry about this request.
I am trying to ignore entries in my /usr/local/cpanel/logs/error_log, where my hosting company does not allow use of the cPanel Store directly. The hosting company also resells the cPanel add-on products.
My server environment is:
OS: CentOS v7.9.2009 STANDARD virtuozzo
cPanel Version: 110.0.9
The special need is that the error_log entry begins with a date/time, and then there are subsequent...
Have been using CSF for many years. But now started seeing a very strange behaviour in Debian 11. Even after doing csf --disable, I still see blocks happening. I verified CSF is stopped and there are no rules in iptables.
# iptables -L -n -v
# Warning: iptables-legacy tables present, use iptables-legacy to see them
Chain INPUT (policy ACCEPT 67390 packets, 53M bytes)
pkts bytes target prot opt...
Following investigation there is a change in Perl 5.38 which breaks LFD.
As soon as one of the log files causes an error (e.g. is simply not present), all future log file reads on any file will fail until the error is cleared.
I solved this by adding a clearerr call before each log read, which is in the LFD file and the function getlogfile (around line 2195 for the function start).
One would think this would be easy but apparently its not...or its not possible.
I need to block ALL IPs from a specific domain, the problem is the domain has hundreds of IP CIDRs and its virtually impossible to block them all from standard IP deny lists - as well, about every 2 to 3 months, they seem to add on new ones. My server is taking on more and more vulnerability scans from this domain -...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum