ConfigServer Community Forum

I just saw in configserver's blog the following notice:

We are deprecating support for Virtuozzo/OpenVZ servers. Future releases will not take into consideration those platforms which have become onerous to support. The software application may continue to work but support and functionality is no longer guaranteed

Is this about Virtuozzo/OpenVZ hosts or containers?

I'm seeking ideas for the most native way to create a configuration to make LFD ignore all IP addresses within a specific Autonomous System Number.

The use case is this: I don't want to block legitimate web crawlers on my server which may trigger failure logs due to HTTP 403's and HTTP 404's. This is frequently a common behavior for websites I host with many pages, which are crawled by search...

Hello,

Receiving the following:

Time: Thu Mar 5 09:02:42 2020 -0500
Account: openvpn_as
Resource: Process Time
Exceeded: 1832 > 1800 (seconds)
Executable: /usr/bin/python2.7
Command Line: /usr/bin/python2 -c from pyovpn.cserv.wserv_entry import start ; start() -no -u openvpn_as -g openvpn_as --pidfile /usr/local/openvpn_as/etc/tmp/wserv.pid -r epoll
PID: 7125 (Parent PID:7104)
Killed: No

Do I...

Hi All
Since several days ago my log files show the following error /usr/sbin/csf -u
I have two similar servers and both have same error each nigth at the same hour so it looks like some update proccess cannot be completed
I did not find any information on the forum about -u command
Regards

Hi,
I am using the Config server firewall on CentOS. My question is how to configure csf to allow IPv6 connection(FTP,SSH)??
(If i connect through ipv4 it is working but incase of IPv6 it is not working)

hello

My problem is that when connecting to ftp if csf is enabled, ftp cannot be connected
But if ip in csf allow the connection is established !
How to fix a problem that connected to ftp without having to allow ip in csf?

thanks ...

Hello i have many e-mail with this alert, i didnt find nothing about it. How can i solve?

Time: Sat Feb 29 11:17:48 2020 +0100
File: /dev/shm/\i360_blamer_reducer423.u1025
Reason: Suspicious file name
Owner: user:user (1025:1028)
Action: No action taken

Hi,

I am receiving an error when attempting to access the interface. I am getting a 500 Internal Server Error:

No response from subprocess (/usr/local/cpanel/whostmgr/docroot/cgi/configserver/csf.cgi): The subprocess reported error number 72,057,594,037,927,935 when it ended. The process dumped a core file.

I rebooted the server but that didn't solve the issue.

I checked available disc space,...

Good morning,
I apologize in advance if there is already a topic like this, I have searched but have not found it.

I use csf on an AZURE servers, they blocks outgoing mail on port 25.
Is there a way to use notifications and alert with user logged in on another server?

thanks for helping.

Davide Sanryu

An end user is using an email client (like Thunderbird) and are able to receive/send emails just fine, but then after a while, their IP address gets blocked by CSF. The entry for the block in csf.deny is like this:

lfd: (smtpauth) Failed SMTP AUTH login from XXX: 10 in the last 3600 secs

The end user is insisting they have the correct login details and its proven by the fact that they are...

Hi,

Is a csf restart required to load new blocklist rules into iptables?

We're currently using csf.blocklist to download blocklists every hour. The logs show the updated lists are successfully downloaded and added via IPset. However the new IP addresses do not seem to come into effect until CSF/iptables is restarted.

Is this the correct behaviour?

Not sure whats happened bu i have found that my CSF interface on a machine running CWP is no longer available

when you click on the link in the menu it redirects to the CWP login page

this is in the admincp logged in as the root user

anyone seen this or have an idea on how to resolve?

Im running CSF 14.01 and CWP is pro version: 0.9.8.944

Since last night we've been receiving hourly alerts that LF_QUEUE_ALERT is higher than 400, but every time I check the mail queue there's only 5-10 messages in it.

I've checked the /var/spool/exim* directories and same thing.
I've checked /var/log/messages and see no evidence of spam.
I've checked WHM mail server statistics also.

Any ideas please?

I came across byt its over 5 years old.

Is there anyway to stop CSF from outputting to the console? It spits out so much it prevents me from logging on to my server (CentOS 6.4 with WHM 11.40.16)

HI

We just moved a handful of VMs from OpenVZ v6 to a Virtuozzo 7 server.

all cPanel/.DA servers with CSF have issues.
When trying to enable CSF we get this:

csf: FASTSTART loading Packet Filter (IPv4)
Error: FASTSTART: (Packet Filter IPv4) [] . Try restarting csf with FASTSTART disabled, at line 5538

I then run: /etc/csf/csftest.pl

root@server2 # /etc/csf/csftest.pl
Testing...

Hi,

I configured CSF to block all IPs expect my IP and everything is working perfectly.
Now, my question can I check those blocked IPs. As far as I know, they are dropped so there would be no log.

Regards,

Thanks for writing an awesome piece of software.

I have a question about where on the server ip addresses from GLOBAL_IGNORE are stored, and if its possible to do any lookup towards this.
I cant find anything in /etc/csf or /var/lib/csf/, and it doesn't say anything in readme file about this either.
There is also no ipset hash chain for this either it seems, like allow has for chain_ALLOW for...

Hi Everyone,

I tired to resolve some false alert by add the following rules to cdf.ignore but still can't stop them. :confused: :confused:

exe:/usr/local/cpanel/3rdparty/perl/522/bin/perl
exe:/usr/local/lsws/bin/lshttpd.5.1.11

lfd on domain.com: Suspicious File Alert
Time: Fri Jan 13 06:17:11 2017 +0800
File: /tmp/lshttpd/bak_core/core.831309
Reason: Linux Binary
Owner: nobody:nobody...

I'm getting a LOT of lfd Suspicious File Alerts on files created by Imunify360. An example file is /dev/shm/\i360_blamer_reducer423.u1009.

Is there a way I can tell csf to ignore any file that has i360_blamer_reducer in the file name?

I'd like to keep getting alerts, but so far they are all false positives.

Thanks!

Hi there,

Is there a list of API command and connection details in order for me to create an API in my custom billing panel which will allow users to unblock themselves if they get blocked?

My main site is hosted on a different server to my main selling server.

I have tried to make heads and tails of the unblockme system for whmcs but as I'm not using WHMCS its hard to figure out.

-Chalkie