Page 1 of 1

CSF user interface in DirectAdmin shows error after Upgrading from v14.02 to 14.03

Posted: 18 Jun 2020, 17:43
by dr1361teh
After auto upgrading csf from v14.02 to 14.03, the page of "ConfigServer Security & Firewall" in DirectAdmin shows "Security Error: Invalid parent" error.

Uninstalling and reinstalling CSF can not solve the issue.
Brute force and blocking ips are working fine, just loading CSF's user interface in Directadmin panel shows the error "Security Error: Invalid parent".

Any solution ?

Re: CSF user interface in DirectAdmin shows error after Upgrading from v14.02 to 14.03

Posted: 18 Jun 2020, 18:06
by ForumAdmin
What OS and theme are you using? We're unable to recreate an issue on CentOS v7/8 using the Evolution skin.

If you could do the following:

Edit /usr/local/directadmin/plugins/csf/exec/da_csf.cgi and from line 45, change:

Code: Select all

my ($ppid, $pexe) = &getexe(getppid());
if ($pexe ne "/usr/local/directadmin/directadmin") {
	print "Security Error: Invalid parent";
	exit;
}
to:

Code: Select all

my ($ppid, $pexe) = &getexe(getppid());
if ($pexe ne "/usr/local/directadmin/directadmin") {
	print "Security Error: Invalid parent [$pexe]";
	exit;
}
Then try again and post the full error message here.

To work around the issue for now, remove those lines from the script and it should then be OK.

Re: CSF user interface in DirectAdmin shows error after Upgrading from v14.02 to 14.03

Posted: 19 Jun 2020, 01:33
by dr1361teh
CentOS 7 and DirectAdmin 1.61.3

I get the same error in both Enhanced and Evolution skins.

After editing /usr/local/directadmin/plugins/csf/exec/da_csf.cgi , the full error message in both Enhanced and Evolution skins is the following line:

Code: Select all

Security Error: Invalid parent [/usr/local/directadmin/directadmin]

If I want to downgrade, how can I downgrade CSF to v14.02 ?

Re: CSF user interface in DirectAdmin shows error after Upgrading from v14.02 to 14.03

Posted: 19 Jun 2020, 08:38
by ForumAdmin
Can you confirm whether there is an additional dot within the square brackets. Our alert for your reply read it as [/usr/local/directadmin/.directadmin], not [/usr/local/directadmin/directadmin]. Which one is it?

As mentioned, you can work around the issue by removing the lines mentioned in our previous reply.