Running Amazon EC2 (Amazon Linux) with a load balancer.
CSF has been running fine until today (some 1.5 years).
I logged in via SSH and ran the latest update for EC2.
Then restarted CSF - and https and sftp stopped working worldwide.
Disable CSF - all good.
Turn CSF TEST MODE on - all fails.
- My understanding is LFD does not run when in test mode. So LFD is not the issue.
I have flushed iptables, and flushed all denies.
With CSF test mode enabled, I can SSH, but not SFTP or HTTPS.
FTP (FileZilla) appears to connect, but no response ever returned. HTTPS just times out.
Ideas?
CSF (not LFD) blocking all incoming except SSH?
-
- Junior Member
- Posts: 3
- Joined: 19 Apr 2019, 16:44
-
- Junior Member
- Posts: 3
- Joined: 19 Apr 2019, 16:44
Re: CSF (not LFD) blocking all incoming except SSH?
Nope. No ideas..... Still an issue.
Anyone use a load balancer, AWS and CSF?
-
- Junior Member
- Posts: 80
- Joined: 22 Aug 2019, 21:43
Re: CSF (not LFD) blocking all incoming except SSH?
Maybe share your csf.conf for some clues. Shouldn't be anything confidential in it, but check to be sure. Also confirm your CSF version.
-
- Junior Member
- Posts: 3
- Joined: 19 Apr 2019, 16:44
Re: CSF (not LFD) blocking all incoming except SSH?
csf: v13.06 (generic)
Config too big to cut/paste here...
Looking for ideas - ports, etc to open the door.
-
- Junior Member
- Posts: 80
- Joined: 22 Aug 2019, 21:43
Re: CSF (not LFD) blocking all incoming except SSH?
For the config, using a text editor to strip all lines beginning with # reduces length by 72%.
Most important lines in this case are:
*This is a sample from one of my configs. Your details may vary.
TCP_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096,26"
TCP_OUT = "25,36,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703"
TCP6_IN = "25,36,53,80,110,143,443,465,587,993,995,2077,2078,2082,2083,2086,2087,2095,2096"
TCP6_OUT = "25,36,37,43,53,80,110,113,443,587,873,2086,2087,2089,2703"
PORTS_pop3d = "110,995"
PORTS_imapd = "143,993"
PORTS_htpasswd = "80,443"
PORTS_mod_security = "80,443"
PORTS_mod_qos = "80,443"
PORTS_symlink = "80,443"
PORTS_suhosin = "80,443"
PORTS_cxs = "80,443"
PORTS_bind = "53"
PORTS_ftpd = "20,21"
PORTS_webmin = "10000"
PORTS_cpanel = "2077,2078,2082,2083,2086,2087,2095,2096"
PORTS_smtpauth = "25,465,587"
PORTS_eximsyntax = "25,465,587"
PORTS_sshd = "22"
HTTPS = 443
SFTP = 21
In web interface, use View Listening Ports to confirm status of ports. In terminal, use: csf -p
Important: check to ensure that your IP used for FTP or HTTP is not being blocked. In web interface, use Search for IP to check your IP. In terminal, use: csf -g IP
This will give you the status of those ports and the ability to get through them from your IP. Hope it helps.
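
The check suggested in the last reply (strip the comment lines, then see whether the needed ports are in TCP_IN), as an added shell example that is not part of the original thread. It runs against a constructed sample file; the function names, the sample values, the TESTING line and the `low:high` range handling are assumptions of this example.

```shell
# strip_conf FILE: print active settings only (drops comment and blank lines)
strip_conf() {
    grep -Ev '^[[:space:]]*(#|$)' "$1"
}

# conf_value FILE KEY: print the quoted value of the first KEY = "value" line
conf_value() {
    strip_conf "$1" | awk -F'"' -v k="$2" '
        { key = $1; gsub(/[ \t=]/, "", key) }
        key == k { print $2; exit }'
}

# port_allowed LIST PORT: succeed if PORT is in the comma-separated LIST,
# listed on its own or inside a low:high range (range syntax assumed here)
port_allowed() {
    old_ifs=$IFS; IFS=,
    for entry in $1; do
        case $entry in
            *:*) if [ "$2" -ge "${entry%%:*}" ] && [ "$2" -le "${entry##*:}" ]; then
                     IFS=$old_ifs; return 0
                 fi ;;
            *)   if [ "$entry" = "$2" ]; then IFS=$old_ifs; return 0; fi ;;
        esac
    done
    IFS=$old_ifs
    return 1
}

# missing_ports FILE KEY PORT...: print each PORT that KEY does not allow
missing_ports() {
    file=$1; key=$2; shift 2
    list=$(conf_value "$file" "$key")
    for p in "$@"; do
        port_allowed "$list" "$p" || echo "$p"
    done
}

# Constructed sample standing in for the real config (not the poster's file)
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Testing flag
TESTING = "1"
# Allow incoming TCP ports
TCP_IN = "22,80,30000:35000"
EOF

echo "TESTING = $(conf_value "$sample" TESTING)"
echo "Not in TCP_IN: $(missing_ports "$sample" TCP_IN 22 21 443 | tr '\n' ' ')"
```

To use it on a server, pass the path of that server's csf.conf instead of the sample, then compare the result with `csf -p` and `csf -g IP` as described above.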