TOR Blocklist

Posted: 10 Jul 2013, 21:25
by deadeye
A couple of days ago I started seeing this in lfd.log:
Jul 8 11:00:56 svr lfd[8991]: Unable to retrieve blocklist TOR - Unable to download: 403 - Forbidden

I get the same response if I try and visit http://exitlist.torproject.org/exit-addresses from my desktop. After a little digging, I found this - https://check.torproject.org/cgi-bin/TorBulkExitList.py which asks for the ip of the server, and then provides a url to download the list. So I replaced:
TOR|86400|0|http://exitlist.torproject.org/exit-addresses
with
TOR|86400|0|https://check.torproject.org/cgi-bin/To ... xx.xxx.xxx
in the blocklist configuration. However, now this is what I get in lfd.log:
Jul 10 12:30:46 svr lfd[9387]: Unable to retrieve blocklist TOR - Unable to download: 599 - Net::SSLeay 1.49 must be installed for https support

I have Net::SSLeay 1.54 installed. Does anyone know if this means that I specifically need 1.49 or am I missing something else?

Thanks

Re: TOR Blocklist

Posted: 10 Jul 2013, 21:27
by ForumAdmin
If you change the URL to the following it should start working again (note the http:// not https:// URL):

TOR|86400|0|http://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1

Re: TOR Blocklist

Posted: 10 Jul 2013, 21:42
by deadeye
Thanks for the quick response. That did the trick, I should have thought to try that before posting.

Re: TOR Blocklist

Posted: 12 Jul 2013, 17:13
by kdean
FYI, I noticed the 6.22 update says it modified the TOR URL to the one you mention, but it didn't change the url in my file. I didn't have the line active. It was commented out, so maybe that's the problem. It should of course update the URL commented or not I would think.

Re: TOR Blocklist

Posted: 13 Jul 2013, 13:29
by Karel
Same here.

For what it's worth.

2 VPS's, with Webmin, TOR url was not updated.
1 dedicated server, with DirectAdmin, TOR url was updated.

All servers have CentOS 6.4 O.S.
The dedicated server is only a week or so old. First installed version was 6.21. That might explain why it went OK on the ds and not on the VPS's. VPS's had versions before the directory structure change. (but were automatically updated on every new version.)

Re: TOR Blocklist

Posted: 13 Jul 2013, 15:47
by kdean
To also clarify, mine is CentOS 6.4 cPanel 11.38.1.6 dedicated server with many previous versions of the firewall installed.

Re: TOR Blocklist

Posted: 13 Jul 2013, 15:49
by ForumAdmin
The URL is only updated in new installations. You will have to modify it manually in /etc/csf.blocklists if you want to change it for existing installs.
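
An added example, not part of the original thread and not csf's own code: a small shell/awk check that scans a blocklists file in the NAME|INTERVAL|MAX|URL format shown above and reports entries, active or commented out, that still point at the old exitlist.torproject.org URL or use an https:// URL. The function names, finding labels and sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not csf's own code): audit a csf.blocklists-style file for the
# two failures in this thread. Entry format as shown above: NAME|INTERVAL|MAX|URL.
# Commented-out entries are checked too, since updates left those stale as well.

OLD_HOST='exitlist.torproject.org'   # host that answered "403 - Forbidden"

# Prints one line per finding: LINE_NUMBER NAME STATE FINDING
audit_blocklists() {
    awk -F'|' -v old="$OLD_HOST" '
        {
            # A leading "#" marks an inactive entry; strip it, remember the state.
            state = "active"
            if (sub(/^[ \t]*#[ \t]*/, "")) state = "commented"
            else sub(/^[ \t]*/, "")
        }
        # Skip blank lines and prose comments: field 4 must be a URL.
        NF < 4 || $4 !~ /^https?:\/\// { next }
        # Old exit-list location that now returns 403.
        index($4, "//" old "/") {
            printf "%d %s %s STALE_URL\n", NR, $1, state
        }
        # https entries are the ones that produced the 599 Net::SSLeay error.
        $4 ~ /^https:/ {
            printf "%d %s %s HTTPS_URL\n", NR, $1, state
        }
    ' "$1"
}

# Constructed sample input; the URLs follow the ones quoted in the thread.
sample_blocklists() {
    cat <<'EOF'
# Format: NAME|INTERVAL|MAX|URL
#TOR|86400|0|http://exitlist.torproject.org/exit-addresses
TOR|86400|0|https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1
TOR|86400|0|http://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1
EOF
}

tmp=$(mktemp)
sample_blocklists > "$tmp"
audit_blocklists "$tmp"
rm -f "$tmp"
```

To check a live install, call `audit_blocklists /etc/csf/csf.blocklists`; no output means neither problem was found.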

Re: TOR Blocklist

Posted: 13 Jul 2013, 15:59
by kdean
Seems a little lacking in forethought not to update existing urls. The urls come with csf, so one would think they should be maintained by csf so when people like myself decide to activate some more blocklists and have them immediately not work.

Re: TOR Blocklist

Posted: 13 Jul 2013, 16:02
by kdean
Also, I read the changelog for the new releases and it should mention you need to manually edit the URL if that's going to be the case rather than just:

"Modified TOR URL in /etc/csf/csf.blocklists to use:" which to me says it's modifying my url as I was expecting.

Re: TOR Blocklist

Posted: 21 Nov 2013, 23:57
by whcmt
I am still getting the error below even after adjusting the url in /etc/csf/csf.blocklists as advised above (I tried with and without https://)

Nov 21 23:33:51 myserver lfd[9284]: Unable to retrieve blocklist TOR - Unable to download: 599 - Net::SSLeay 1.49 must be installed for https support

I noticed that the non-ssl url http:// cannot be accessed because it forcibly redirects to https://

Any ideas now?