Maybe adding a feature on setup to enable/disable CSF frontend on WHM be helpfull for those dummies that get managed Dedicated or VPS, so we can disable frontend for those that do not know how to deal with it.

Hi Chirpy :)

I changed your regex.pm a little to not block all mod_security related entries as some IPs were getting blocked for Access Allowed , for example :p

My rule is now :
if (($config{LF_MODSEC}) and ($line =~ /\ mod_security: Access denied/)) {
return ( mod_security triggered by ,$1, mod_security );

But I guess it will be overwritten with the next csf update... maybe you could...

Has anyone tested CSF on Debian?

Is it possible to modify the load monitoring system to run a script when it notices high load ? I think it would be quite an important tool for someone admins who know certain loads happen and may want to write a response to handle things automatically.

Hi,

May be it's possible to give suspicious.tar discovered by lfd a timestamp, so that more files can be kept in /cf/csf in case of more illegal scripts to examine.

Would be great!

Frans

Hello Chirpy,

would it be possible to add the IP address for SU alerts. I though if I just added the shortcut in the email alert it may put the IP in there, but it doesn't. IE:

lfd: SU login alert - Successful login from admin to root

Time: Thu Dec 21 09:09:28 2006
From: admin
To: root
Status: Successful login
IP:

as we now disabling direct root logins and it would be handy, when an alert...

I know there is a feature that allows us to only allow certain ports. Also one that allows us to drop incoming on certain ports. But I would love to see an option that allowed blocks based on destination ports.

It would be nice to have two new enhancements in csf menu:

1. new quick option for input allowing to put one IP same way as

2. new option and maybe other like... stop and start.

Best regards and great respect for Author :-)

Hi,

Your install script assumes that there is a path to sbin. For some reason my provider has omitted this and I haven't gotten around to changing it, as it usually isn't a problem.

Just a suggestion that you might consider adding /sbin/ before the calls to executables.

Or not...

Hi Chirpy,

like to see an option that would allow to turn off any logging from IP's listed in the ignore file or allow file. As I probably log into our server over a 100 times a day and I have an associate the logs into the server on a regular basics. I have both these IP's, which are static IP's. and they tend to load up the log file quiet abit.

So it would be handy to have an option to turn...

Could it be great, if LFS could tell if someone has uploaded some mp3 or exe files for downloading? or to let us know if one file of that type has been downloaded so many times?

Regards,
Sergio

I've actually done install of this under non cpanel systems and without issues. But the some of the recent versions concern me because they have more features which relate specifically to Cpanel.

Is there any plans to make it control panel independent ?

First of THANK YOU for some great software... I hope...I tried this awhile back and had a LOT of trouble with it... (my end I believe)

But I have been running APF and BFD for awhile... and was able to import the IP addresses from there into CSF... a suggestion would be to bring this file in or allow an option to import it...

Overall A GREAT piece of software!