Search found 6 matches

by datalude
25 Oct 2020, 07:50
Forum: Suggestions (csf)
Topic: nftables
Replies: 4
Views: 8324

Re: nftables

Just noticed Ubuntu 20.10 seems to have nftables as default, replacing iptables.
https://discourse.ubuntu.com/t/groovy-g ... otes/15533
by datalude
04 Aug 2020, 03:48
Forum: Suggestions (csf)
Topic: Ubuntu 20 has changed location of iptables binaries
Replies: 0
Views: 5086

Ubuntu 20 has changed location of iptables binaries

Just installed on a new Ubuntu 20 desktop. It turns out that Ubuntu has the iptables binaries in /usr/sbin/ now instead of /sbin/ . On installing csf with the install.sh script, it failed to pick this up and the iptables locations in the csf.conf file were left as /sbin/ When these were changed manu...
by datalude
09 Apr 2019, 04:28
Forum: General Discussion (csf)
Topic: Whitelisted IP being blocked
Replies: 3
Views: 3120

Re: Whitelisted IP being blocked

Another thought occurs to me. There are actually two different whitelist files used
csf.allow is used by csf to build the iptables rules.
csf.ignore is used by lfd
So maybe you actually need to add the IP addresses to csf.ignore instead.
by datalude
09 Apr 2019, 04:23
Forum: General Discussion (csf)
Topic: CSF Blocking My Customers Ip's
Replies: 2
Views: 2189

Re: CSF Blocking My Customers Ip's

My advice would be to go to the logs and see exactly what is triggering the block. It could be any number of things, but the log will tell you why that IP is being blocked. Once you've determined that, your options would be a) increase the threshold of blocking, b) remove the LFD check completely (u...
by datalude
09 Apr 2019, 04:20
Forum: General Discussion (csf)
Topic: What are the permissions allowed to an IP added to CSF whitelist?
Replies: 1
Views: 1785

Re: What are the permissions allowed to an IP added to CSF whitelist?

For a start he should be performing the penetration test as a hacker would see the server. Which means that he shouldn't have requested you to whitelist his IP address, in my opinion. But as CSF is blocking IP addresses by assessing from the logs how often they hit the server, it still means the por...
by datalude
09 Apr 2019, 04:14
Forum: General Discussion (csf)
Topic: Whitelisted IP being blocked
Replies: 3
Views: 3120

Re: Whitelisted IP being blocked

That would be my reading of it. The IP was suggested as a candidate for blocking by the mod_security module, but then csf refused to block it as it was in the allow list. In your conf file you'll see a line MODSEC_LOG = "/var/log/apache2/error.log" So that's where lfd is looking for that i...