I have read the forums and done a search but nothing of this error. Any suggestions to try.
SPAMHAUS: Unable to retrieve spamhaus block list - Unable to download: 599 - Could not connect to 'XXX.spamhaus.xxx:80': IO::Socket::INET: connect: Connection timed out
I just had Mail Scanner installed yesterday. That's only major thing done to server.
The XXX represent there website.
We are in trouble on one of the servers. This is a newly configured server with CSF, but the firewall is blocking automatic cPanel Updates, giving Timeout at the time of update.
When the CSF shuts down the updates occur normally without problems.
Any suggestions?
Thank you
Note 1: We have other servers with CSF, configured the same way and we do not have this problem.
Anyone got any experience with dealing with aggressive bots with no user agent string?
I run a wordpress blog that has had an unknown robot use up 9.03 MB of bandwidth in 46,971 hits. I'm guessing that a bot that doesnt have a user agent string isn't likely to check for a robots.txt, so is there a way of detecting and blocking this with either csf or mod security?
Hi,
I've installed the ConfigServer Security & Firewall - csf v6.08 plugin on cPanel.
It's very beautiful plugin! The option Check Server Security it's amazing!
I'm sorry, but I've an a problem with the option Edit the configuration file for the csf firewall and lfd .
When I changed the option value, for example TCP_IN and TCP_OUT value and click on the Change botton,
the plugin save the new...
I have installed CSF last night on a server and found that it's blocking cPanel updates and preventing tarball downloads when rebuilding Apache etc. If i turn off CSF everything works fine.
I have noticed that CSF prevents the source of the update tarball's from being contacted - eg. serverx timed out, serverxx timed out and so on.
I've seen on the forums that I could block a Slowloris attack using Port Flood and Connection Tracking options.
What's the recommeded configuration for those options to correctly block the Slowloris attack?
I've enabled statistics gathering on CSF, and it seems to be working on my Centos 6.3 with webmin.
But how do I view the statistics? Is there any interface for them?
Hello all, I have CSF v6.07 on a VPS and have been receiving suspicious process emails pertaining to one of my websites. I can't figure out if there's a good way to whitelist these, the following details having been changed slightly to protect the innocent:
---------Begin Email---------
lfd on #host#.com: Suspicious process running under user #user#
We have a problem with dumb users from a web agency and they always block their ips with wrong usernames or with conection limit. I tried many ways increasing limits but no luck with those guys...
I was wondering a way to disable CSF auto blocking and just use csf as primary iptables ruler, to just block ports and allow some ips for full access to the server. In other words, I dont want...
Does any one know if csf firewall changes the file rights of wp-config.php to 600 or does some thing with file rights ??
For a period now we notice that on 1 server the wp-config.php file rights get changed to 600 and we are unsure on how it happens csf is the only scanner we have running next to the control panel (Direct admin) .
I would like to know if I turn on Distributed SMTP Logins , but I have 3 IP addresses already whitelisted in the lfd.ignore area, if it gets triggered, would it ignore the whitelisted IP's for this check?
This morning I opened a ticket with our server provider because our server was down, and even though it would come back up after a reboot it would go down again within a few minutes. They claim this is because the server was under attack and running out of memory, I've provided their evidence below. I manually blocked the IP address in question in CSF immediately after rebooting the server again...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum