ConfigServer Community Forum

Hello,
i try to use csf firewall with docker
i read some tutorial, and i create a working solutions but i have a small problem...

m S.O. is almalinux 9

of course i try to enable
DOCKER = 1
in csf.conf but doesn't work.

so i use this setings and work
nano /etc/docker/daemon.json

{
iptables : false
}

nano /etc/csf/csfpost.sh

#!/bin/bash...

We use nf_tables on Debian 11, but on every configserver update the iptables are set back to legacy.

Very strange behavior and it breaks a lot of functionality over and over.

Any fix for this?

Hi,

when add blocklist on csf.blocklists ,
where will the ip stored ? ram or ?

will it slow down site and server performance when i add 1M ips ?

thanks

CSF is blocking all external email (gmail, hotmail, yahoo, etc). I have seen a few discussions on this topic here but nothing specifically fixes the problem.

CSF v14.18
WHM/cPanel 110.5

External emails work fine when CSF is off. I saw one thread that mentions something about WHM v110.5 and sshd and smtp settings but the solution is not specific enough to implement.

SMTP Restrictions is...

Hello team,

I am using cyber panel to handle my server and along with csf services to secure the server but the server is not getting to SMTP services when csf is enabled on the server, I disabled csf services and tried connecting my WordPress to SMTP services and it worked, I want to use csf services for my server because one service to secure the server, I heard good feedbacks from others...

I have enabled IPV6 in csf.conf - but a specific IPV6 address continually hitting my server - how to block it ?

I put it in the /etc/csf/csf.deny: but it is not stopping it

Please help;

Hello,
Can anyone explain how to set LFD to send only one summary e-mail report per day?

Thanks,
P.S.: Sometimes we receive thousands of such Login failure alerts per day.

Time: Tue May 2 11:01:20 2023 -0300
IP: 34.126.78.62 (SG/Singapore/62.78.126.34.bc.googleusercontent.com)
Failures: 5 (sshd)
Interval: 3600 seconds
Blocked: Permanent Block

Log entries:
May 2 10:50:23 xbeta sshd : Invalid...

Hello,
I am using whm with csf, csx, and i have zerotier on the server (www.zerotier.com).

From time to time, zerotier goes offline and cannot connect to its network.
To fix this, i stop csf, restart zerotier, it turns on, i turn back on csf. It works for a while.

I have enabled the ports in csf config.

What shall i try next to do?

Thank you

Hello

I have two related questions if you could answer, I would be very grateful;

1) I am using Mod security as well as CSV on my Apache Centos server. I have been getting some IPV6 attacks and mod security is adding them to the mod security block just fine - but how can I manually add the offending IPV6 address into CSF? For example this one: 2a03:6f00:1::5c35:601e - when I try to add it I get...

Hi

very new to configserver and trying to figure it al out.

Getting loads of these in my logs, how can i block them?? cannot seem to find anything?
Thank you

Apr 18 07:19:18 submission-login: Info: Client has quit the connection (auth failed, 1 attempts in 20 secs): user= , method=LOGIN, rip=46.148.40.92, lip=removed, session=

Hello ALL,

I use centreon to monitoring my servers.

centreon client use SSH to connect to my other servers every 5 min to check process running for exemple.
So I receive email every 5 min...

Account: customuser
Method: publickey authentication
Log line:
.. Accepted publickey for customuser from ... ssh2: ...

Is there any method disable emails for this specific user/ip source ?

Thank you for...

Hello

we have a strange issue on one server.

Customer have IP in allow list, but canno access to server.
IP is also not in any deny list.

If we disable csf customer can access without issue

Thanks for any help / suggest

Hello,

I have a VPS hosted by Hetzner, with Almalinux 8 and Webuzo control panel.

I disabled firewalld and I installed CSF via Webuzo.

I had many trouble to configure it.

In the Webuzo/Security/IP block list, I have many times these address blocked:
- 185.12.64.2
- 185.12.64.1
- 0.0.0.0

I doesn't affect the usage of my website, but I do not understand what is the reason.

These address are...

LFD sends emails without Message-ID which causes gmail to flag ethese emails as SPAM

Refer

And with ongoing emails being generated by ldf, the spam rate originating from domain/ip goes high and eventually makes a negative impact on the reputation of the ip and domain

This is definitely a critical bug and needs to be addressed
Kindly treat this as critical to be addressed on urgent priority

Hi,

on my cpanel/litespeed server.

i try to type wrong login at host:7080 many times,

but my ip still does not be blocked by csf,

is it normal ?

how can i let csf/lfd detect it and blcok the ip as ftp/cpanel login fail.

thanks