Hello, i'm Pete

i have been using this firewall for years in cpanel......its great.... i love it....
the reason im in here is because i came to a dead end with the configuration on a server that uses APIs.
This server has apache and php installed and runs some APIs, The port we use is the hhtps thus port 443 and port 80 for curl. both ports are in the list for udp/tcp in and out, when i disable...

Hello, I am not receiving e-mail from CSF/LFD
When I go to mail queue shows the error:

root cannot accept local mail deliveries

This only happens on CSF/LFD. When I create account or delete account on cPanel I receive notifications. But notifications from CSF/LFD I am not receiving.

I also checked on configuration:

LF_EMAIL_ALERT = 1

is set to 1.

Can anyone help?

Greetings,

I am trying to accomplish the same function as SSH and SU alert but with my custom log.

I am wondering, how do I get CSF to just send a email, but no IP blocking.

Thank you for your help,
Chris

Hello,
after installing csf and starting the lfd daemon, I can not reach the web ui at the address
my_ip: chosen choice
Thank you
root@ubuntusw01:~# csf -r
Flushing chain `INPUT'
Flushing chain `FORWARD'
Flushing chain `OUTPUT'
Flushing chain `ALLOWIN'
Flushing chain `ALLOWOUT'
Flushing chain `DENYIN'
Flushing chain `DENYOUT'
Flushing chain `INVALID'
Flushing chain `INVDROP'
Flushing chain...

Hello,

I'm using CSF with my main domain perfectly and I'm using it with Cloudflare and everything is good!
Now, I will create a subdomain and I want to block access to it, how can I do that using CSF?

Regards,

I have a customer for testing needs
Request to temporarily turn on all TCP_Out Port
But I don't know how this should be set in the Firewall Configuration.
Is it OK to set the TCP_OUT option to 0-65535?

Hi to everyone,
i am looking for an official reply or a secure response ;D

On my server i discovered that the default SSH port comport a lot of attack to guess password ... this made CSF alerting me with a periodic frequency.

Is safe to change SSH port?
CSF will still monitor for SSH failed access? Because if i change port all alert stop.

My doubt is... changing the SSH port made CSF do not...

Hi

I want to make a ssh connection from a VPS (centos 7 & CSF)
But it seems that csf is blocking the ssh port (not 22)

ssh user@xxx.xxx.xxx.xxx -p nnn -vvv
OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 58: Applying options for *
debug2: resolving xxx.xxx.xxx.xxx port nnn
debug2: ssh_connect_direct:...

Hello,
i have two line code for iptables for allow just a range ip for able check my port, cause i have a backend ip (reverse proxy), and i dont want anyone able detect it (for secure against ddos and etc)

its below, but when i installed CSF, iptables disabled, so i want know how i can run this two command on CSF?

iptables -I INPUT -p tcp -m multiport --dports http,https -s 186.2.160.0/24 -j...

Hi,

Every so often, outgoing mail gets blocked on my cPanel server. All messages are bounced back with following error:

550-Please turn on SMTP Authentication in your mail client.
550-xxxxxx.com :53492 is not permitted to relay
550 through this server without authentication.

When I restart the CSF firewall, it works again, but the same issue could occur several hours later, sometimes, days or...

Hello,

I'm doing something blasphemous: I'm using CSF on a workstation. Why? Well, it is the only one thus far that is ACTUALLY working for me -- blocking attempts well. That said, I have listed all the ports my chat program uses in csf.conf/TCP_IN,TCP_OUT,UDP_IN,UDP_OUT, and have listed it as exe:/path/to/application in csf.pignore.

However, I still cannot sign in with it to the remote server...

Suddenly on all servers in lfd.log file this is showing and repeating all the time:
Oct 11 14:24:26 server lfd : Cluster Service died, restarted
Oct 11 14:24:26 server lfd : *Error* cannot open server on port 7777: Address already in use, at line 9679

Any idea on how to fix it?
Have tried restarting csf and cluster.

Hi,

New to CSF and the forum. I have been getting a couple of emails regarding different issues and this one has me concerned as I am not sure if this is a false positive or not.

Any help would be appreciated. :)

Executable:

/opt/cpanel/ea-php72/root/usr/sbin/php-fpm

Command Line (often faked in exploits):

php-fpm: pool thedarkblues_co_uk

Network connections by the process (if...

Hey guys. I'm willing to know about this question: if I already has Connection Tracking enabled in my VPS, do I add any real benefits by adding mod_evasive to Apache? Or should I really choose between one or the other?

Hope you can answer me soon.
Thanks in advance!

I have 4 different php versions 5.6, 7.0 7.1 7.2 and all of them have disable_functions with many functions disabled.

In Firewall check all of them except 5.6 show up as fine, but I get a warning that I need to fix this in 5.6. I've verified that the file for sure has disabled_functions set correctly.

Same with enable_dl = Off - I've done it in all versions but it shows as not done in 5.6

I...

Hello All,

Sorry if I am posting in the wrong place. Is it possible to run CSF on OpenSuse Tumbleweed? The install appears to work correctly, however I am unable to run it, or integrate it with Webmin. I thought it best to make sure it was compatible before I posted log output.

** Edit **

Here is the output when I try to run the service -

csf.service - ConfigServer Firewall & Security -...

I have used csf and Cloud Linux together many times in the past without issue. Today I upgraded a regular Centos 7 cPanel with latest kernel, cpanel and latest csf version to Cloud Linux.

After the upgrade, csf would no longer load. I do not see any errors in the boot.log or messages, etc. When I try to run commands like csf -ra, csf -x or csf -e it just sits there and hangs.

If I reboot the...

How can i disable email SSH login alert for user root from
please.
I have a program that automaticlly downloads files through ssh every 30 minutes & am getting emails each time.
Thanks

I have a single cPanel server and it is currently protected by a Juniper SRX 300 Hardware Firewall and CPHulk. I would really like to remove the hardware firewall and go back to use CSF, but I am wondering if anyone can advise on what I would lose or gain in making the change? I know CSF can do a lot more, but do I lose any major security by removing the hardware firewall? Since I have just one...

Hi,

We have problem with LF_PERMBLOCK_ALERT notification.
Rule was set to 0 so we don't want to notification when someone is perm blocked and we set LF_PERMBLOCK_ALERT to 0 but we still receive mails.
Can you help me to resolve this issue.

Best regards.