ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

CSF Blocking Legitimate SSH traffic

https://mail.forum.configserver.com/viewtopic.php?t=7335

Page 1 of 1

CSF Blocking Legitimate SSH traffic

Posted: 15 Jan 2014, 21:15
by blasto33
I have a developer working on a project on my server. He only connected to port 22 and 80 and it would block him. I have also seen this happen to http traffic. I have turned it off for now, as it blocks legitimate traffic. Is this normal?


Block:

Temporary Blocks: IP:112.110.51.230 Port: Dir:in TTL:3600 (lfd - *Port Scan* detected from 112.110.51.230 (IN/India/-). 11 hits in the last 285 seconds)
Adding 112.110.51.230 to csf.allow and iptables ACCEPT...

Re: CSF Blocking Legitimate SSH traffic

Posted: 16 Jan 2014, 09:13
by ForumAdmin
You would have to look at either your server message log or the email sent to the root forwarder for the iptables log lines that lfd detected the port scan for to determine why the IP was blocked.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited