ConfigServer Community Forum

Hello, Can i ignore user or mailbox when RT_AUTHRELAY_LIMIT is reached? BACKGROUND: i am sending an e-mail from a PHP script from server A from a domain protected by cloudflare. The e-mail is sent from a PHP script via SMTP which is locared on server B on server B is CSF RT_AUTHRELAY_ALERT = on RT_A...

lsmod|grep -E "owner|multiport" xt_owner 2258 19 xt_multiport 2716 38 vzctl exec CTIDHERE perl /usr/local/csf/bin/csftest.pl|grep FAILED Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: FATAL: Could not load /lib/modules/2.6.32-042stab093.5/modules.dep: No such file or directory] ...

As a noob, i bet this is not possible in CSF, unless you whitelist bogons in csf.ignore (in csf.allow too?) and then manually block them in iptables for certain interface:
IN:
iptables -A INPUT -i eth0 -s BOGONIP -j DROP
OUT:
iptables -A OUTPUT -i eth0 -s BOGONIP -j DROP
i am probably wrong

the bad IP can only be caught by the next layer, your web server software, typically apache or nginx, once it fully decodes the request and inspects the headers (another option is the third layer of the PHP or Perl application) so unfortunately this is out of the hands of CSF Apache module "mo...

> IP match in csf.allow, block may not work
does this mean that you have that IP listed in /etc/csf/csf.allow ?
Also i am a noob, but isn"t possible that CSF blocking 403 and not 406 ?

Yes, please allow adding custom iptables rules upon csf start. I found interesting rules here: https://javapipe.com/iptables-ddos-protection Which i would like to use. Problem is that i think they are erased when csf is restarted? Update: it do not seems like they are erased upon csf restart, but wh...

You found solution? Tried to ask on Direct admin forums?
Tried to watch /var/log/lfd.log when the issue happen?

Try to disable csf -X Work on the server to see if it is problem free. After some days, edit /etc/csf/csf.conf and use testing mode enable it csf -e watch /var/log/lfd.log and other server logs when you experience timeouts or such. Also if you want to auto-start lfd if it is not running, try cronjob...

i do not know what is MESSENGER template, but try to make sure HTTPS is working on the server. Trying to pause CSF. Watching log file /var/log/lfd.log

You added the ip to the csf.ignore and csf.allow, but did you restarted csf? (csf -r)
Also check /var/log/lfd.log to see what happens during that timeout.

If some local script/process is involved, try adding it to the csf.pignore or such files.