CentOS 6
No changes to CSF for some time.
Recently began getting an error when the daily cron job runs:
/usr/sbin/csf -u
Oops: Unable to download: write failed: Connection timed out
I've tried searching for solutions, but nothing pops out a me. Again, I'd not made any changes prior to this failing. It started failing sometime in the last week or so.
Absolutely love CSF its a godsend, big thanks to the dev team.
I have an issue however that i have 1 particular IP that tried to DDoS me, its from a company that offers DDoS protection so i assume this is a method they use to get customers in the door, i wont mention the name yet as i have reached out to them for comment, there may just be a glitch in their system.
I'm using SQL Server 2017 on CentOS 7 x64. many users trying to get access to the SA account of SQL Server with many Password Attempts, unfortunately, I won't block with CSF.
how it's possible to block those users? Please take a look at the attached picture.
Server is CentOS 7.7
csf update script is in /etc/cron.d/csf_update
cron logs show the job is being run once per day as expected
root has been set as the recipient of emails
But I m not getting an email telling me it's run.
I used to get these emails when my VPS was on CentOS 6 with a different host. I moved hosts and am now on CentOS 7.7, and when I installed CSF, I migrated all settings from...
I have reviewed some of the other posts, particularly the one listed below and tried that solution but it did not resolve it. I have been able to duplicate this issue on 2 Webmin servers and a DNS CPanel server. See the notes along with the information to explain and break it down.
<<-- Did not fix it
The error is...
Can't open PID file /run/lfd.pid (yet?) after start: No such file or...
New account has been created with uid: gid: login: shell:
But on the server everything seems to be fine, user not missing, wasn't deleted, scanned with rootkit hunters, etc and it doesn't seems to be compromised.
Could someone please direct me to a list of ALL the IP addresses that ConfigServer Services uses?
I have 85.10.199.177 in my csf.allow and csf.ignore files so that CSF+LFD can download updates, but I had to add an empty csf.deny file and restrat scf+lfd in order to get the email from the registration for the HELPDESK.
I would like to use this service to find out if an IP is good or bad:
If it is bad, I would like to redirect all traffic from that IP to a blank page.
I am thinking of writing a script to check each IP against this service and pass matching bad IPs to a forwarding mechanism. Since I realized that doing this in realtime might not be practical. Moreover, there is a ratelimit imposed by...
i have ubuntu 12.04. In this version the logfile messages does not work. All information is now in syslog. I think configserver syslog_check needs messages for working.
Is there a way to learn syslog_check how to do or must I do without this feature?
It seems that installing CSF on cPanel v66.0.24 causes cpanel_dovecot_solr not to connect to cron 'maintenance' scriptt .
It throws 401 error and this is what you get:
$ sudo /usr/bin/test -e /etc/cpanel-dovecot-solrdisable ||
/usr/local/cpanel/3rdparty/scripts/cpanel_dovecot_solr_commit
Cpanel::Exception::HTTP::Network/(XID n7ux4c) The system failed to send an HTTP “GET” request to “ because...
One of my client claims that the access from his PC has been blocked many times by csf recently.
He restarts the rooter, then the new ip address allocated by DHCP changes(He uses dynamic ip address) and he can access to the site for a while, however, his new access ip is blocked soon again and again.
I also received the alert of csf many times when his access ip address...
I don't know how long this has been going on, I only recently discovered it in my error logs. Many years ago, though, I used to write Perl scripts and import the output from a PHP file using LWP::Simple. Like so:
I am using csf -td to block certain IP addresses. This adds them to the LOGDROPIN chain. However, in the INPUT chain, LOGDROPIN comes AFTER the ACCEPT rules for specific ports, this effectively allows IP addresses that should be denied to still hit the computer via open ports. For example, even a blocked computer can connect to ports 80 and 443 here because they come before the LOGDROPIN chain....
hello,
there is any way to exclude single email address account (email@domain.com) to LF_DISTSMTP check ? i have email account use from different server ( about 30 different ip ) but i don't want to add this ip to ignore list.
thanks
I ran into some errors today when installing CSF on an Ubuntu 18.04 VPS system.
*WARNING* TESTING mode is enabled - do not forget to disable it in the configuration
'lfd.service' -> '/usr/lib/systemd/system/lfd.service'
'csf.service' -> '/usr/lib/systemd/system/csf.service'
chcon: invalid context: ‘system_u:object_r:systemd_unit_file_t:s0’: No such file or directory
chcon: invalid context:...
Hi All, new install of CSF on Centos 7.7 with Cpanel 84. If there is an IP entry in the deny file, the service won't start. If I remove all entries in deny, it works.
LOG icmpv6 opt in * out * ::/0 -> ::/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix Firewall: *ICMP6OUT Blocked*
DROP all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0
REJECT all opt -- in * out * 0.0.0.0/0 -> 0.0.0.0/0...
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum