ConfigServer Community Forum

Hello All

i have a server with openvz kernel , and i have a vps with cpanel .

when i activating the csf , no access to the vps . i should disable csf to get it work again .

i have followed all the tips that i should do in the host node and in the vps conf .

i have applied the suggestion from the sticky thread , i have changed the port to the venet0+ and no success . all test give me ok ....

Hi

I want to move from fail 2 ban to csf and i use a regex to check var/log/freeswitch/debug.log for failed auth attempts

how would i translate that into a regex for csf?

\ sofia_reg.c:\d+ SIP auth failure \(REGISTER\) on sofia profile \' +\' for \ from ip
\ sofia_reg.c:\d+ SIP auth failure \(INVITE\) on sofia profile \' +\' for \ from ip

I am having trouble with my CSF and denying whole countries.
I am trying to block the country of Chia.
I have the following line in my csf.conf file.
CC_DENY = CN,RU,VN,NG,RO,UA,IN
I have restarted my csf after I made changes.

I am still getting IP's from China getting to my server.
I have checked my server logs and there are IP's that start with 175.44, which are from China.

Am I doing...

Hi guys, apologies if this is in the wrong section. But I've ran out of options on what to do with this specific problem. I've done the research, and I can't seem figure out what it is. Other people keep getting the MLSD error on the FTP side. I can connect perfectly (probably because cPanel/Server recognizes im the admin IP (idk))

But the error they get is:

Response: 200 PORT command...

Most of the posts with this error are on shared hosting. I have a dedicated server with this error.
When I run the IP Tables test from csf I get:
Testing iptables...

Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing...

hi there

I have installed csf but seem to have come across some issues when testing the tables

Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...OK
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...FAILED - Required for PORTFLOOD and PORTKNOCKING features
Testing xt_connlimit...FAILED -...

Hi,

We are using csfpre.sh to add some nat rules to our iptables.

After a server reboot, I need to restart csf service again for those rules to be added.

Any pointer on how to solve this ?

Thanks

With our WHM VPS, we use a third party service for weekly backups. This process always triggers the following:

/usr/local/cpanel/3rdparty/perl/514/bin/perl

We receive a CSF alert for each and every account that gets backed up. Is it safe to ignore this Perl path in csf.pignore? If so, do I simply add a line for:

exe:/usr/local/cpanel/3rdparty/perl/514/bin/perl

thanks.

Hi i keep getting a few of these below could someone please let me know how to fix this.

Excessive resource usage: mailman

I recently moved the IP of one of our DNS servers to a new cpanel server after checking DNS was running correctly on the server. However since moving the IP and adding it to the new server we are getting lots of LFd temp blocks for servers connection to DNS (example below)

Port 53 is in the list of open UDP ports in CSF so i'm at a loss to understand what the problem is. Anyone got any ideas....

Hi

We are receiving lfd on : Excessive resource usage: nagios emails from one of our servers every hour. Our CSF version is
csf v6.11

Content of email is:
Time: Sun Jun 2 01:00:38 2013 +0100
Account: nagios
Resource: Process Time
Exceeded: 42890 > 1800 (seconds)

Executable: /usr/sbin/nrpe
Command Line: /usr/sbin/nrpe -c /etc/nrpe.cfg -d
PID: 3247 (Parent PID:3247)
Killed: No

Can anyone...

Hello,

Anyone else have this problem? My CSF/LFD keeps banning my IP (usually from PopPeeper accessing mail too often), I try adding myself to the allow list, but my IP changes daily, or every time my connection is reset.

Any thoughts or suggestions on what I could do to keep myself unbanned?

Thanks sincerely in advance,

Edward Tate.

If I do csf -x and attempt to upload a file then it works, if I enable CSF then the upload drops. I'm sure I've missed a setting somewhere and would appreciate a point in the right direction.

I've diabled ICMP as that was causing issues but apart from that I can't think of anything else in the settings. I've been using CSF for years now and never seen this problem but have checked everything I...

Hello everyone, I set up CSF on my server that I plan on using to host a large Minecraft Server on.

I'm not sure of the best settings to use because I don't want it to start banning innocent IP addresses but still prevent attacks.

The Server will be holding ~100-150 people constantly, I am not using cPanel or any other web admin tool.

If anyone can recommend anything please reply back thanks.

Hi Chirpy and thanks as always for all that you do :)

I noticed these errors/warnings during a 6.09 to 6.10 upgrade...

...
...
mode of `/etc/csf/uninstall.sh' changed to 0700 (rwx------)
chmod: cannot access `/etc/csf/*.php': No such file or directory
failed to change mode of `/etc/csf/*.php' to 0000 (---------)
mode of `/etc/csf/webmin/csf/index.cgi' changed to 0700 (rwx------)
mode of...

what could be the format in the remote .txt file?
I just put ip in the .txt file like below:
1.2.3.4
3.3.2.1

Is it ok?

Hello,

I have searched about the file csf.dnscache but I am not sure what this file is having. I can see an entry similar to the following one.

--
# cat /etc/csf/csf.dnscache
206.169.86.130|206.169.86.130|206-169-86-130.static.twtelecom. net
67.182.18.58|67.182.18.58|c-67-182-18-58.hsd1. ca.comcast. net
93.97.146.248|93.97.146.248|93-97-146-248.zone5. bethere. co. uk...

I have a CentOS 5.8 server, with a game server on it. I have web hosting on a different server, and I'm trying to query the game server using PHP. It's sending a UDP request to the server, but it is being blocked. I turn off CSF and the request is successfully made. I had tried the following,

- Allow All Ports, Incoming and Outgoing TCP And UDP
- Put the incoming request's IP into my csf.allow...

I just noticed today, that after an update 6.06 the Webmin module stopped displaying View IP tables Log, the one that right under View lfd log.

I have latest CSF but this feature is important. Could you please fix it?

P.S. I'm running latest Webmin 1.630 on CentOS 6.4. By the way same was on 1.620!

Hi,

latest CSF, I've many emails like lfd on host: Suspicious process running under user xxx . This is nice feature but this send me many emails, so i try to turn off this but with no result:

PT_LIMIT = 0
PT_USERPROC = 0
PT_USERMEM = 0
PT_USERTIME = 0

csf -r

and nothing changes. still have info about my procceses. So i try add them to cf.pignore:

mail says: Executable:

/usr/bin/perl...