My changes to /etc/csf/messenger/index.html are not being reflected. I have restarted LFD and CSF multiple times to flush the file from the cache, even deleted my own browser cache, but it still is not displaying the new version. Any clues?
I am seeing quite a few new files in the messenger directory along with an index.php which references invalid files. I understand what the .text file is for, can we get an up to date breakdown on what files are used for what now?
I think I already know the answer to this but I'm running a half dozen Wordpress sites and I'm tired of seeing the gobs of traffic being blocked at the Wordpress security plugin level originating from China. I would consider putting a country block on China in CSF but frankly there is a small chance there could be some legitimate visitors from China (like 1 in 1000) to some of the websites. So a...
after my site was attacked I installed CSF v14.05 and it work great.Except that users with ipv6 started getting (connection time out) and very slow browsing to my site. if I disable CSF the problem goes away.
After seeing my web server slowing down while my ModSecurity logs were filling with IPs from AmazonAWS, googleusercontent, Microsoft cloud users, DigitalOcean, Tencent, Alisoft, etc., I blocked the IP ranges for all of those services / server farms.
Now I see the message that I put in the subject line of this post next to the Manual Check button, in my implementation of ConfigServer...
I am trying to figure out why the LFD is not showing or catching any ips that have been failing authentication. I have had a lot of unauthorized ips trying to log in to mail, ftp, ssh etc but they never show up in the LFD log nor do they appear in the CSF deny list. I can manually add them to the deny list and they are then blocked but I can't figure out why this is not being done automatically....
I use the CSF as a firewall on my VPS.
But since I don't have a static IP, every time I get a new IP, I first have to log in via the KVM console and whitelist my new IP and only then can I connect to SSH via putty.
Can I somehow share all connections on SSH port 22 so that I can save myself the trouble?
I have already added the following rule to the /etc/csf/csf.allow file and...
I'm having a very strange blocking issue for a while now. I run CSF firewall on some cPanel servers and CSF blocks some of the mobile users (on mobile networks) that are using e-mail accounts. What's strange is that I cannot find their IP addresses in any blocklist but after flushing all blocks the users can connect to the mail server again.
Hello,
Using 3 ip on server. 2 is shared. 1 ip is dedicated for 1 website.
We need to close some ports for this 1 ip or domain. Usually mail ports. But these ports should only be closed for this reserved ip. It should not block other ip and sites on the shared server. Any chance to do this via csf or lfd? Thank you.
A couple of weeks ago, one server started to behave very strange. Sometimes websites don't work. But after 10 sec they are working.
cPanel takes sometime 1 minute to load and emails are getting errors in customers email clients.
We also get trown out of ssh pretty quickly.
Only way to fix the issue is to disable csf -x.
I see this when I restart csf:
INVALID tcp opt -- in !lo out *...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum