ConfigServer Community Forum

Is it possible to block IPs from reaching any of the VEs inside an OpenVZ node? We have CSF installed on the host node. Some of the VEs do not have CSF installed. We are wanting to block certain IPs from accessing those VEs. Blocking the IP on the hostnode doesn't seem to have any affect. I suspect ...

Has anybody started to recently get Excessive processes and Suspicious process message from LFD regarding the prelinking of /lib64/libfreebl3.so? These appear to be running under normal user accounts, i.e.: lfd on host: Excessive processes running under user user1 User:user1 PID:10116 PPID:10099 Run...

Version 5.07 appears to show the behavior that I expect. Local regular users are unable to connect to port 25. I'm not sure what all has changed between 5.07 and 6.10. Nothing stands out to me from the changelog. Perhaps something to do with IPv6? Kind of at a loss. It may be something that I don't ...

I seem to be seeing an issue with this too. It looks like SMTP_ALLOWUSER is no longer working properly in version 6.10. At least from what I can remember. My config has the lines: SMTP_BLOCK = "1" SMTP_ALLOWLOCAL = "0" SMTP_PORTS = "25" SMTP_ALLOWUSER = "cpanel&quo...

Anyway to disable this? Apparently this causes issues with people who don't believe in logging out of webmail and then just let their computer hibernate or suspend. I honestly don't know what they are doing, but it appears to be affecting some users. Anybody else seeing similar issues? There's just ...

I can't get CSF 5.76 to start on a VPS. I note that running /etc/csf/csftest.pl gives the output: Testing ip_tables/iptable_filter...OK Testing ipt_LOG...OK Testing ipt_multiport/xt_multiport...OK Testing ipt_REJECT...OK Testing ipt_state/xt_state...OK Testing ipt_limit/xt_limit...OK Testing ipt_rec...

Should LFD be blocking DEFERRED LOGIN attempts in /usr/local/cpanel/logs/login_log ? We recently had a situation where a large number of these entries were being logged and it was raising the server load on the server. However, LFD wasn't blocking them, and looking through the code, I don't guess it...

Even with single quotes you have to escape out the pipe characters.

At least that is with my experience using a bash shell.

Actually, I looked into this some more after I submitted this. It looks like the pipe is messing with the regex matching in the line searching. This is what I am seeing with csf Version 5.09 . This appears to be correctable by escaping the pipe out before any regex searching is done. On line 844 of ...

I understand the need to move away from colons (:) as a separator for denying and allowing rules due to upcoming IPv6. Just wondering why pipe (|) was chosen as the alternative? I believe this was introduced in version 5.04. Reason being, to add a rule to the csf.deny file via the command line you c...