Search found 7 matches

by csfusr
14 Jan 2014, 23:15
Forum: General Discussion (csf)
Topic: Tor blocklist is not saved
Replies: 4
Views: 5182

Re: Tor blocklist is not saved

Ah. OK, my bad. Missed the second page of the thread. Thanks, works fine now.
by csfusr
12 Jan 2014, 01:02
Forum: General Discussion (csf)
Topic: Tor blocklist is not saved
Replies: 4
Views: 5182

Re: Tor blocklist is not saved

Thanks but the URL is manually modified to the one suggested by you on that thread and the download still fails.

Code: Select all

Unable to retrieve blocklist TOR - Unable to download: 599 - Net::SSLeay 1.49 must be installed for https support
The server has Net::SSLeay 1.57
by csfusr
10 Jan 2014, 23:34
Forum: General Discussion (csf)
Topic: Tor blocklist is not saved
Replies: 4
Views: 5182

Tor blocklist is not saved

I have

Code: Select all

TOR|86400|0|http://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1
in /etc/csf/csf.blocklists. But no csf.block.TOR is created in /var/lib/csf/

--
CENTOS 5.10 i686 virtuozzo – vps
csf v6.40
by csfusr
16 Apr 2012, 04:51
Forum: Report Bugs (csf)
Topic: Melange false negative on WHM 11.32.2b18
Replies: 1
Views: 3014

Melange false negative on WHM 11.32.2b18

WHM 11.32.2 (build 18) csf v5.49 WHM Settings Check: The Melange Chat Server has been deprecated by cPanel and as such should be considered a security concern. You should enable WHM > Tweak Settings > Do not start deprecated Melange 1.10 chat server In this version there is no Tweak Settings > Enabl...
by csfusr
17 Jul 2010, 22:39
Forum: Suggestions (csf)
Topic: ServerSignature and ServerTokens
Replies: 3
Views: 4115

I think I did not phrase well. To use ModSecurity SecServerSignature setting, Apache ServerTokens directive must be set to Full . But when ServerTokens directive is set to Full, and ServerSignature to On, CSF gives warnings. CSF warnings are justified if those two directives are in use without the u...
by csfusr
16 Jul 2010, 21:06
Forum: Suggestions (csf)
Topic: ServerSignature and ServerTokens
Replies: 3
Views: 4115

ServerSignature and ServerTokens

Latest version of CSF warns about ServerSignature and ServerTokens when settings are On and non-ProductOnly respectively. However for ModSecurity SecServerSignature setting ServerTokens directive must be full. Could CSF take this into account?
by csfusr
15 Mar 2009, 18:37
Forum: Report Bugs (csf)
Topic: issue lfd Alert on ssh login
Replies: 2
Views: 4728

Same here. This started to happen recently; I did not receive those emails for logins from IPs in csf ignore.