ConfigServer Community Forum

Hello,
Using 3 ip on server. 2 is shared. 1 ip is dedicated for 1 website.

We need to close some ports for this 1 ip or domain. Usually mail ports. But these ports should only be closed for this reserved ip. It should not block other ip and sites on the shared server. Any chance to do this via csf or lfd? Thank you.

Hello!

This maybe a silly question. I've been using CSF on a server for years and just discovered the existence of blocklists.

If I enable a blocklist, in which file these blocks are logged? Or where i can see how much a blocklist is actually blocking.

Thanks!

Hello,

A couple of weeks ago, one server started to behave very strange. Sometimes websites don't work. But after 10 sec they are working.
cPanel takes sometime 1 minute to load and emails are getting errors in customers email clients.
We also get trown out of ssh pretty quickly.

Only way to fix the issue is to disable csf -x.

I see this when I restart csf:
INVALID tcp opt -- in !lo out *...

Hi all,

On a new server with CSF installed and 21 port opened I can’t connect to the server. It tries but is not listing the directory files. Once I turn off the CSF it works fine.

Under messages this is the relevant (I guess ?) part (I swapped IPs etc):

Aug 25 10:48:25 client516 kernel: Firewall: TCP_IN Blocked IN=ens3 OUT= MAC=MACaddress SRC=MyLocalIP DST=MyServerIP LEN=64 TOS=0x00 PREC=0x00...

Hello,
i have install a new server with centos 8 and csf and i have see very bad network performance.
When i disable csf, the performance is good.

In order to confirm the issue i have do this tests:

both servers is empty without any other vps. Also the storage i use have no load at all during tests.

server 1:
Xeon® E-2176G
64G ram
NVME hard disks
Proxmox 6.2-10

server 2:
Ryzen 9 3900
128G...

I have had a series of people visit my server to set up bogus accounts. I have blocked their ip addresses in csf, yet they are able to come back in with those same addresses and continue their malicious ways. I have confirmed the address is in the deny file. Server is Centos 7.6 running cpanel with csf and lfd installed. Any suggestions?

Hello, I'm using Cpanel/CSF with SMTP_BLOCK active.

I have two hosting accounts that must connect to google.com and elasticemail.com to send email.

The first account mysite1 is connecting to google correctly and sending messages, but the second account, the CSF is blocking from connecting to elasticemail.com

My CSF settings are

The SMTP Restrictions from Cpanel is disable.

SMTP_BLOCK = 1...

I've recently done an install of DirectAdmin on a rebuilt server, and csf is not showing in the UI.

It's installed and running, and it shows as such in the Plugin Manager, if just doesn't appear in the UI itself.

Any ideas?

I've posted this on the DA forum as well and so far no joy.

Thanks

Hi All.

What should the file in /usr/sbin/LFD look like?

I keep getting this error and have figued out that the LFD file is missing.

Job for lfd.service failed because the control process exited with error code. See systemctl status lfd.service and journalctl -xe for details.
● lfd.service - ConfigServer Firewall & Security - lfd
Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled;...

I have this setup to check every hour...is it possible to have it email when there is a detection that the ip is flagged?

right now i get the email with the OK but its just too much for every hour...

thanks

Hello,

I'm using WordOps 3.11.2, and I can't open port 587.

I have a site in Wordpress that uses Contact Form, and when I disable the firewall (csf -f), the contact form works fine. :)

But when I enable firewall, contact form stop working. :confused:

I change the settings in CSF.CONF, but nothing works.

See here:

I tried these commands:

sudo iptables -A INPUT -p tcp --dport 587 -m...

This has been going on since the 14.04 update. However, i thought it would be patched by now.
It loops the error until you disable the CDF and Lfd.
Any ideas would be appericated
CentOS 7.8

Startup Log Aug 13 11:56:43 ###OMITTED### systemd : Starting ConfigServer Firewall & Security - lfd...
Aug 13 11:56:44 ###OMITTED### lfd : syntax error at /usr/sbin/lfd line 7519, at EOF
Aug 13 11:56:44...

Hi all,
I just wondered can I configure things so I can run with smtp_block enabled but allow a specific I.p to bypass the block.

The system is Ubuntu 18.04 with Exim4

I have a bill manager running on another server ( Centos) with no smtp server, It's configured to use an account on the Ubuntu server to send emails. The account it uses is on the Ubuntu server and I've tried allowing the user...

Ubuntu 20.04.1 LTS

I'm not a new user for CSF and recently i installed this software in new Ubuntu 20.04.1 LTS device.
The installation process and testing worked fine. No issues appeared. After that changed mode from 1 to 0 in conf then got a one problem.

Fail to update ubuntu system. `sudo apt update` it shows unable to connect (using ubuntu regional) however web browsing etc worked fine....

Hi all,

I have some ASN that are thoroughly obnoxious and I want to block them.

I notice that CC_DENY can accept AS numbers in place of country ISO codes so I implemented what I thought would work and.....

It does not! LFD just triggered from one of those hosts.

Here is what I did:

# cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
# rpm -qa | grep ipset...

Good morning,

Before I write my own hook to integrate cPanel remote MySQL hosts into CSF, I'm asking if anyone else already did that.

So, when someone add MySQL remote host on cPanel, this IP should be added instantly into CSF configuration to allow 3306 on it.

Thanks in advance.

Hello,

im Using cPanel + Litessped + Modesecurity Rules ( Imunify360 LiteSpeed Rule Set )

ttps://files.imunify360.com/static/modsec/v2/meta_imunify360-full-litespeed.yaml

i enabled Modsec Trigger on CSF :

LF_MODSEC = 1
LF_MODSEC_PERM = 3600

Also i see Hits on :

Home »Security Center »ModSecurity™ Tools »Hits List :

2020-08-01 00:17:16 arakfelezisatis.com 95.188.147.134 WARNING 403...

Hello good afternoon, I open this topic because I am having blocks from my cPanel server to my AD through TCP port 389. In the CSF firewall I already added the IP of the AD server in a white list and also allowed TCP and UDP port 389 in the input and output, but even with those settings the connection blocks continue. I send the log that is generated:

Jul 31 11:40:01 cpanel kernel: Firewall:...

Hi

I am running csf on my centos 7.

I am looking to whitelist port range what is the possible way to do so as I am new with CSF.
I am running csf v14.04.

I have added one line to white list port in csf.allow but its not working for me which is as below

tcp|in|d=7770:7800|s=192.168.16.17/28

Thanks

I installed a new Centos 7 server, the same as my old server.
On my old server I could connect to FTP servers with PASV no problem.
But on my new server it blocks the connection.
SPI is on, Connection tracking is on.
Incoming FTP connections with PASV work fine (without the hole).
How do I get the outgoing ftp servers to work? (without whitelisting them)

thanks!