I just installed this firewall
Its awesome
I have a VPS
I have several websites each with its own IP on this server
Does one installation cover my entire VPS or do I have to enable shell and install on each domain?
hi,
i was able to limit concurrent connection per IP.
but this might cause problem and effect good traffic.
the problem i am facing is, when a client is requesting a page through GET, it's served from the cache, there is no PHP code involved. so i don't care even if i am even brute forced with this method.
but if the same page is requested with POST (regardless good or bad traffic), it's always...
My 15 days old server receiving port scanning attack almost every hour. I configured CSF and its doing great job in blocking those port scanning attack and sending me an alert email with the details.
Wondering if there is a way I can completely disable the port scanning feature on my dedicated server with help of csf......?
I've mostly gotten rid of excessive resource usage alerts by adding to csf.pignore. However, there are two processes left that I can't nail down: /usr/sbin/nginx and /usr/sbin/mysqld
I have exe:/usr/sbin/nginx and exe:/usr/sbin/mysqld lines in csf.pignore and csf has been restarted, but I'm still receiving alert emails about process time and suspicious processes.
Can anyone help me determine what causes a process called lfd - (child) Statistic to be spawned? We had a server go into high load today and there were over 800 of these processes. I'm not seeing anything obvious in the logs so I'd like more to go on. What causes the lfd - (child) Statistic process?
I have the latest version of CSF and Everyone that trys to login to their cpanel is blocked until I put their IP in allowed list.
I have went over the settings and can't find out why.
I have checked everyone's IP and they are not on anyone's list.
I have install csf in my DIrectadmin server. It shows only few option in csf panel. How I can get all options as normal csf installation. Please find the screen short of my panel.
www. gyazo .com/416a3527735ebd25c0c330d43f66a131
thanks
Bineesh
Just (21:24 on Jan 1st 2015) had a warning that both CSF and LFD have failed the MD5 comparison.
I looked in /usr/sbin/lfd and noted that the copyright statement at the top mentions 2015 - is this an automatic copyright update causing the file change?
I also see this command in the file which concerns me:
We are trying to SCP a large file from one of our servers, however CSF appears to be killing the SCP process after around 55 minutes.
In /var/log/lfd.log we see the following messages:
------------------------------------------------------------------------------------------------------------------------------------------------------------------
/var/log/lfd.log-20141214:Dec 12...
I changed the email address I use for ALL cPanel and CSF notifications to a different one, but CSF is still sending to the old address - anyone seen this or know how to get it to send to the right one?
I have CSF (7.57) running on a fresh Ubuntu Server 14.04 install. It's working fine, except that the Webmin module only loads up to the upgrade section, and then does nothing (it doesn't even try to actually check for an upgrade). I've tried uninstalling and reinstalling to no avail. Any advice?
I'm running a cPanel server that sits behind CloudFlare. I've been using csf for a while on another cPanel server and found it incredibly useful, but it's next to useless when all traffic is coming from a small range of already-known IPs. A script like Flarewall is a good start, but still requires csf to know the correct IP to block. Is there a way to get csf to pick up on X-Forwarded-For or...
I am seeing the same ip showing up in my httpd error_log for numerous mod_sec violations, yet its not being blocked by CSF. I have CSF set to block after 5 errors and it is watching the correct error_log path.
ModSecurity: XML parser error: XML: Failed parsing document.
ModSecurity: Warning. Match of eq 0 against REQBODY_ERROR required.
ModSecurity: Warning. Operator GE matched 5 at...
I'm currently setup using CSF/LFD on a cPanel/WHM server. Tonight I was messing around with iptables adding some rules to open ports through SSH, encountered some issues so for troubleshooting reasons I went into CSF and clicked Firewall Configuration added the ports I needed opened then saved and restarted csf/iptables. It appeared some of the rules I had added earlier seemed to be gone....
If I block an IP range in csf/lfd for example 87.106.0.0/16 1&1 servers because I am fed up with the constant attacks by scripts from infected servers there
Will that also block emails being received by my mail server from 1& 1 customers, because unfortunately I do have some users who have a 1&1 (gmx) email address who do email me occasionally
From time to time, I'll get myself locked out because I've made a typo in a password or something like that; latest case was making a typo on the cPanel port. Then I'm blocked until I figure out what I did, and have to wait.
Meanwhile, to prevent this, since it's my effing server, I whitelist my ISP-provided public IP address. Which occasionally changes. Which means every few months, I go into a...
Hi, on my RHEL v6.5 server CSF logs only one line per firewall hit in the systems /var/log/messages logfile.
But for some reason on a new Centos 7 server I'm setting up all logs are reproduced two times.
One time with a timestamp before the Firewall: part, the other directly as-is like on my Centos 6.5 system:
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum