Search found 14 matches
- 06 May 2018, 23:35
- Forum: General Discussion (csf)
- Topic: How to rest MD5SUMs of dirwatch
- Replies: 1
- Views: 1955
Re: How to rest MD5SUMs of dirwatch
I believe I figured out how to do it. I moved (just in case it was wrong) /var/lib/csf/csf.tempwatch Hopefully that worked. After restarting csf, it see it regenerated the file with the MD5 checksums, however, it did not seem to change any of the actual checksums. How does one go about forcing csf t...
- 30 Apr 2018, 02:58
- Forum: General Discussion (csf)
- Topic: How to rest MD5SUMs of dirwatch
- Replies: 1
- Views: 1955
How to rest MD5SUMs of dirwatch
Hello, Is there a way to reset the database that stores the hashes of the files (or directories) listed in the /etc/csf.dirwatch file? We're working on our site again, and will be continuing to work on it. However, when we make changes, we'd like to inform csf / lfd about the changes so it doesn't s...
- 04 Aug 2017, 00:49
- Forum: General Discussion (csf)
- Topic: SSH : Allow only specific public IP
- Replies: 7
- Views: 5713
Re: SSH : Allow only specific public IP
Wouldn't using something like iptables be a better solution instead of using CSF to accomplish your task? Maybe I'm misunderstanding your question here. Does the 20 Linux servers reside on the same network? For example, the 192.168.1.0 network? If so, you could configure the SSH server to listen onl...
- 27 Jul 2017, 03:01
- Forum: General Discussion (csf)
- Topic: How to whitelist domain from firewall
- Replies: 2
- Views: 4865
Re: How to whitelist domain from firewall
I believe NotLim is correct and csf.dyndns is the correct file to list the domain(s) you want whitelisted. According to the file: ############################################################################### # The following FQDN's will be allowed through the firewall. This is controlled # by lfd w...
- 20 Jun 2017, 23:06
- Forum: Suggestions (csf)
- Topic: Remove OpenBL from csf.blocklists
- Replies: 2
- Views: 3863
- 20 Jun 2017, 19:34
- Forum: Suggestions (csf)
- Topic: Remove OpenBL from csf.blocklists
- Replies: 2
- Views: 3863
Remove OpenBL from csf.blocklists
Hello, In the csf.blocklists file, there's an entry: OPENBL|86400|0|https://www.openbl.org/lists/base_30days.txt I believe this entry should be considered for removal. The base_30days.txt file no longer exists, and by visiting https://www.openbl.org and searching the internet (ie, openbl.org's twitt...
- 20 Jun 2017, 17:19
- Forum: General Discussion (csf)
- Topic: IP address in csf.blocklist and csf.allow
- Replies: 2
- Views: 2541
Re: IP address in csf.blocklist and csf.allow
So in this case, the addresses will be allowed through? I can use iptables -L, in the future, to check, couldn't I? Maybe something like:
And if the IP address in the ALLOW section is first, then we should be good.
Thanks!
Code: Select all
iptables -L | grep <ip address I'm looking for>
Thanks!
- 20 Jun 2017, 01:14
- Forum: General Discussion (csf)
- Topic: IP address in csf.blocklist and csf.allow
- Replies: 2
- Views: 2541
IP address in csf.blocklist and csf.allow
Hello, I use scanmyserver.com to do an audit of my server. I was looking through the ModSec logs and saw an IP address that was there more than five times, performing a scan. I was curious as to why csf hadn't blocked them. So I went into the GUI and searched for the IP and then realized the IP belo...
- 18 Jun 2017, 22:38
- Forum: General Discussion (csf)
- Topic: Best way to whitelist IPv6 local loopback
- Replies: 4
- Views: 3851
Re: Best way to whitelist IPv6 local loopback
Wow! Thank you ForumAdmin! That csf.dyndns is exactly what I was looking for! Much appreciated.
- 18 Jun 2017, 21:48
- Forum: General Discussion (csf)
- Topic: Best way to whitelist IPv6 local loopback
- Replies: 4
- Views: 3851
Re: Best way to whitelist IPv6 local loopback
The localhost address for IPv6 should already be whitelisted in the same way localhost is for IPv4. In iptables parlance, you will see !lo which basically means ignore the loopback device. Additionally, lfd itself ignores 127.0.0.0/8 as well as ::1/128 so that the loopback IP's should never be acti...