Hello Everyone,
Does anyone know if CSF process is monitored by Cpanel server manager? As some mornings i find CSF randomly stopped i want to make sure that the service restarts should this happen?
Am I getting the error below after last update, anyone else?
UPGRADE:
Tue Nov 10 16:17:08 2020:
1605035828_pre_v14_08_upgrade
ERROR:
Another app is currently holding the xtables lock. Perhaps you want to use the -w option?
Error: Error processing command for line (6 times): , at line 866
I enabled LF_IPSET and WAITLOCK, but it didn't work.
I have a cPanel / whm server with csf installed on it.I have csf configuerd to automatically report abusive ip addresses to abuseipdb blacklist it works fine however when i receive the email csf sends the blocked ip address has the wrong country for example csf just sends to me that
194.87.138.228 (RU/Russia/-) is blocked for a portscan however in this case Russia should be Germany...
my server provider blocked 25 port, and I use external SMTP service for all outgoing mails. is there someway to setup CSF to send mail notifications via external smtp with required autorization? Thanks!
I am trying to standardize my servers better with Puppet. Puppet is very good at building files with multiple lines like csf.allow, but it is more difficult to add multiple values to a single line like the TCP_IN list in csf.conf.
I attempted to add partial lines to csf.allow, but that didn't seem to work:
tcp|in|d=22 # puppet - from csf-global-allow-ssh
tcp|out|d=8140|d=192.168.118.31 # puppet...
We try setting for RBLs list in CSF another server (cPanel) Same setting is work
But has problem on this server , We try Check Update All Check standard , And Update All Check verbose it's not responding
My option detail in RBLs list
enablerbl:b.barracudacentral.org
enablerbl:bl.spamcop.net
enablerbl:cbl.abuseat.org
enablerbl:csi.cloudmark.com
enablerbl:db.wpbl.info...
So if I whitelist some IP's from a country in the Firewall Allow IPs list and then add thata country code to the CC_DENY settings, will those whitelisted IP's be allowed access to the server?
Server Check
Check SUPERUSER accounts
You have accounts other than root set up with UID 0. This is a considerable security risk. You should use su, or best of all sudo for such access
How do I check what users have that permission and how do I correct that?
Hello,
I have had a relatively serious problem for a few days. I have a VPS and I am suffering an attack, almost daily, which I think is DDOS, many connections from different IP's.
I have lowered the value of CT_LIMIT and this is mitigating the attack, but as I lower it, they lower the number of connections per ip and increase the ip's.
I had to get the CT-LIMIT value down to 5 (for a few...
hi all,
I have wordpress on two web server nodes behind a loadbalancer server. and I log failed login IPs on web nodes in a file in order to use this custom regex on it:
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^(\d+\.\d+\.\d+\.\d+)/)) {
return ( Failed Wordpress login from ,$1, wordpresslogin , 5 , 80,443 , 3600 , 0 );
}
this works on both servers. But I figured out this is...
Hi,
Our clients OFTEN get blocked by CSF/LFD due to mail bad login attempts, or stuff like that.
They are in offices with multiple email clients (outlook or other).
They always tell me that they did not change anything.
But it MIGHT be one of their employees with an iPhone misconfiguring their account.
So I would like to give them MORE information about WHICH device in their network is making...
We are having a strange problem since about a couple of weeks now (nothing changed since it was working as it should)
csf is blocking udp in for port 123 when we use nl.pool.ntp.org , whenever we use another ntp server there is no problem at all.
Because ntp.org uses loads of different servers, it's no option whitelisting them (as they change as well: new servers added, old servers removed)...
Hi,
I have enabled SMTPAUTH_RESTRICT on csf and whitelist my country in CC_ALLOW_SMTPAUTH.
I intend to relay only clients from my country..
I works but i still have a few alerts like this:
Time: Sun Oct 18 23:54:13 2020 +0200
IP: XXXXXXXXXXXX (AU/Australia/-)
Temporary Blocks: 5
Temporary blocks that triggered the permanent block:
Sun Oct 18 19:37:31 2020 (smtpauth) Failed SMTP AUTH login from...
Some time ago I installed csf on my Cpanel server.
The problem I have now is that when I give the enable button to seconds the csf stops working. I give it to enable again and the same thing happens to seconds it stops working.
In /var/log/messages appear this:
Sep 30 12:16:05 hostname lfd : Main Process: TERM
Sep 30 12:16:05 hostname lfd : daemon stopped
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum