ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

CSF 2.87 not blocking .deny at startup

https://mail.forum.configserver.com/viewtopic.php?t=705

Page 1 of 1

CSF 2.87 not blocking .deny at startup

Posted: 10 Aug 2007, 16:55
by cemper
For some odd reason the new CSF 2.87 is not blocking the previously blocked IPs/ranges from the deny file

While it looks like it generates a lot of iptable rules, does do not have an effect

Furthermore it must be noted that a "quick deny" for an IP, doing an iptable statement still works... but that block is gone after CSF restart

a normal IPTABLES statement for blocking IP/ranges also works

Anyone else experiencing this? We actually had 2 production servers unsecure the last couple days and still don't know what's going on therer

HELP PLEASE!

Posted: 11 Aug 2007, 20:25
by cemper
it appears this problem is related to the WHM plugin not correctly reading the csf.conf,
which means, while "monolithic_kernel" was set in WHM it wasnt reflected in csf.conf !?!:confused:

Posted: 13 Aug 2007, 10:27
by chirpy
The WHM plugin simply reads /etc/csf/csf.conf

Posted: 17 Aug 2007, 08:12
by cemper
chirpy wrote:The WHM plugin simply reads /etc/csf/csf.conf
well, that's what it says and obviously that was the reason for 2 days of headaches.

the WHM plugin did not correctly UPDATE the csf.conf then,
so a couple settings were wrong for 2 days, rendering the firewall inactive....

we editied csf.conf by hand to cure this
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited