I want to know if it's possible to have an option to EXCL:UDE CLEAN user accounts from the report we receive via email?
This way, we can get a more concise report and easier to scroll when reading from mobile device.
I just noticed that the scan DAILY is also launched at the same time than the WEEKLY.
Ressources wise, I would prefer if I can have more control over the cron like:
- daily scan from days 0 to 5 (Monday through Saturday)
- weekly scan on day 6 (Sunday)
Do you have a suggestion ?
BTW, your CXS is INCREDIBLE !! It founded many vulnerabilities when I was sure I had none on my servers....
csf is currently restarting - command skipped on line 3416
I've recently updated cPanel to the latest version after the exim bug, since then my CSF is acting up and restarting after every 5 to 15 minutes and this goes on constantly. Probably it wasn't a solution to my issue but I uninstalled CSF and installed it again. But the issue still persists.
Currently the following IP's are configured in CSF for cPanel support:
184.108.40.206 # cPanel Auth Server
220.127.116.11 # cPanel Auth Server
18.104.22.168 # cPanel Auth Server
22.214.171.124 # cPanel Auth Server
126.96.36.199 # cPanel Auth Server
188.8.131.52 # cPanel Auth Server
Upon opening a new ticket last week, we were advised that their support address block has changed to:
Hi. I'm wondering if there's a way to not receive warnings for, say, ssh-agent for a specific user. I know that I can ignore all processes by a user, and all warnings for a specific executable, but is there a way to combine the two and ignore a specific process by a specific user?
I have a domain that crawls a lot of other domains. For sites that have a lot of urls to crawl I get a permanent block do to CT_LIMIT being reached. I know i can add the IP addresses for them in csf.allow, but this doesn't work as my site is a SaaS and needs to allow lots of different IP addresses. Is there a way for me to have this one domain not monitored for CT_LIMIT?
I am currently evaluating CSF / LFD, I have a colleague that put me on CSF, and he claims that:
CSF/LFD it could warn/block on *successful* logins from multiple IPs.
I just want to double check with community if that is true. I don't know if it is in my heads, but it just seems a little hard to be true. Or back to front thinking , for surely tools like LFD / fail2ban etc monitor...
After updating Monitored Services in WHM / Service Manager I got an error when Saving / Restarting.
Waiting for “mailscanner” to start ……waiting for “mailscanner” to initialize ………failed.
Cpanel::Exception::Services::StartError Service Status
(XID eckgdv) The “mailscanner” service failed to start....
We're trying to route all traffic on our server through Sucuri's networks, and for the most part that's worked with the following entries in /etc/csf/csf.allow (IPs listed below are not private, they are owned by Sucuri and publically accessible):
tcp|in|d=80|s=184.108.40.206/23 # Sucuri Range
tcp|in|d=80|s=220.127.116.11/24 # Sucuri Range
tcp|in|d=80|s=18.104.22.168/22 # Sucuri Range...