CSF addon for Directadmin and too big POST requests
Posted: 23 Dec 2022, 17:37
Hello,
Having too many data in /etc/csf/csf.deny makes it impossible to edit the file in a web-interface of Directadmin.
It is a built-in limit in DirectAdmin when a loading variable 'POST' is limited to hard-coded 125749 bytes. Whenever a 'POST' request of a bigger size arrives it gets rejected by DirectAdmin and no changes are actually saved.
In Directadmin logs one can see a line of the following kind in such a case:
The limit will be already hit with 900+ records in the file. That happens because of so detailed comments in the file. See
- 868 records with comments will take 123895 bytes
- The same amount of records in csf.deny will take only 13354 bytes if I strip all the comments out of the file.
OK, so we have two possible solutions:
1. Give users an option to get IPs added by lfd into csf.deny without comments. I mean here comments like these:
2. Update the plugin to use STDIN when saving data in DirectAdmin plugin. Here is a guide: https://www.directadmin.com/features.php?id=2077
I've already contacted DirectAdmin developers on the matter, and they are open for cooperation.
They would be willing to dig up deeper for the best approach for the plugin, but the intention should come from the plugin developers, if they really intend to change anything on their plugin and cooperate. That's what they replied to me.
I hope it will be a good cooperation and we all benefit from it.
Regards,
Alex.
Having too many data in /etc/csf/csf.deny makes it impossible to edit the file in a web-interface of Directadmin.
It is a built-in limit in DirectAdmin when a loading variable 'POST' is limited to hard-coded 125749 bytes. Whenever a 'POST' request of a bigger size arrives it gets rejected by DirectAdmin and no changes are actually saved.
In Directadmin logs one can see a line of the following kind in such a case:
Code: Select all
System::load_to_env: loading variable 'POST' is larger than MAX_ENV_LEN(125749) so will be skipped- 868 records with comments will take 123895 bytes
- The same amount of records in csf.deny will take only 13354 bytes if I strip all the comments out of the file.
OK, so we have two possible solutions:
1. Give users an option to get IPs added by lfd into csf.deny without comments. I mean here comments like these:
Code: Select all
212.70.149.2 # lfd: (PERMBLOCK) 212.70.149.2 (BG/Bulgaria/-) has had more than 4 temp blocks in the last 86400 secs - Wed Dec 21 08:27:24 2022
89.248.165.54 # lfd: (PERMBLOCK) 89.248.165.54 (NL/Netherlands/recyber.net) has had more than 4 temp blocks in the last 86400 secs - Wed Dec 21 09:15:57 2022
185.224.128.209 # lfd: (PERMBLOCK) 185.224.128.209 (NL/Netherlands/hosted-by.as49870.net) has had more than 4 temp blocks in the last 86400 secs - Wed Dec 21 19:22:11 2022
101.32.184.69 # lfd: (PERMBLOCK) 101.32.184.69 (HK/Hong Kong/-) has had more than 4 temp blocks in the last 86400 secs - Thu Dec 22 01:19:58 2022
89.248.165.242 # lfd: (PERMBLOCK) 89.248.165.242 (NL/Netherlands/recyber.net) has had more than 4 temp blocks in the last 86400 secs - Thu Dec 22 20:36:19 2022
186.2.171.28 # lfd: (PERMBLOCK) 186.2.171.28 (BZ/Belize/REMOTE-DDOS-PROTECTION.PROXY.VPZ) has had more than 4 temp blocks in the last 86400 secs - Fri Dec 23 07:49:23 2022I've already contacted DirectAdmin developers on the matter, and they are open for cooperation.
They would be willing to dig up deeper for the best approach for the plugin, but the intention should come from the plugin developers, if they really intend to change anything on their plugin and cooperate. That's what they replied to me.
I hope it will be a good cooperation and we all benefit from it.
Regards,
Alex.