CSF deleting custom rules in csf.deny

Posted: 01 Apr 2008, 21:47
by mtbwacko
This is starting to drive me nuts. I have several lines of custom IPs in csf.deny. They are placed above the section that CSF records entries to. Every few days they all completely disappear, but the entries that were placed there by CSF are untouched. An example is below - all IPs above the line that begins with "Begin Firewall Blocks" will be removed, though oddly enough, the commented-out headings remain - only the IPs get removed. Is anyone else having this issue??

# Begin fti.net from Amsterdam
193.252.149.15
193.252.149.16
81.52.143.15
81.52.143.16
#
# Begin Performance Systems International Inc
38.0.0.0/8
#
# Begin internetserviceteam.com
89.149.241.98
217.20.127.121
#
# Begin spider5.picsearch.com (Europe)
217.212.224.145
217.212.224.169
#
# Begin Firewall Blocks
64.41.168.254 # lfd: 10 (cpanel) login failures from 64.41.168.254 - Thu Jan 3 09:28:43 2008
64.14.3.216 # lfd: 10 (whm,webmail,ftpd,sshd,cpanel) login failures from 64.14.3.216 - Fri Jan 4 00:19:27 2008

Posted: 01 Apr 2008, 22:43
by Sarah
Check your setting for DENY_IP_LIMIT. CSF will delete IP addresses from the top of the list if the number of entries exceeds this limit.

Posted: 01 Apr 2008, 23:06
by mtbwacko
Sarah, that was it! Thank you so much. I'm happy it was such an easy fix. Best regards.

Posted: 03 Apr 2008, 21:13
by wolf
Please note this will only work until the csf deny limit is reached. To ensure your rules never get deleted, I recommend using the global_deny file configuration for permanent rules, as it is never changed by csf :)
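
An added example, not part of the thread and not CSF's own code: a small audit that reads DENY_IP_LIMIT from csf.conf text and reports which entries at the top of csf.deny would be pruned once lfd appends more blocks. The function names are hypothetical, the sample inputs are constructed from the excerpt in the first post, and the top-first pruning model is an assumption taken from the description in the replies.

```python
import re

# Constructed sample inputs: a csf.conf fragment with a deliberately small
# limit, and a csf.deny modelled on the excerpt in the first post.
SAMPLE_CONF = 'DENY_IP_LIMIT = "8"\n'
SAMPLE_DENY = """\
# Begin fti.net from Amsterdam
193.252.149.15
193.252.149.16
81.52.143.15
81.52.143.16
# Begin Performance Systems International Inc
38.0.0.0/8
# Begin Firewall Blocks
64.41.168.254 # lfd: 10 (cpanel) login failures from 64.41.168.254 - Thu Jan 3 09:28:43 2008
64.14.3.216 # lfd: 10 (whm,webmail,ftpd,sshd,cpanel) login failures from 64.14.3.216 - Fri Jan 4 00:19:27 2008
"""

def deny_limit(conf_text):
    """Return DENY_IP_LIMIT from csf.conf text, or None if it is not set."""
    m = re.search(r'^\s*DENY_IP_LIMIT\s*=\s*"?(\d+)"?', conf_text, re.MULTILINE)
    return int(m.group(1)) if m else None

def deny_entries(deny_text):
    """Return active csf.deny entries in file order (comment-only lines skipped)."""
    entries = []
    for line in deny_text.splitlines():
        entry = line.split("#", 1)[0].strip()  # drop trailing "# lfd: ..." comment
        if entry:
            entries.append(entry)
    return entries

def at_risk(conf_text, deny_text, new_blocks=0):
    """Entries that fall off the top after `new_blocks` more entries are appended."""
    # Assumption: pruning removes the topmost (oldest) entries until the
    # count is back at the limit, as described in the thread.
    limit = deny_limit(conf_text)
    entries = deny_entries(deny_text)
    if limit is None:
        return []
    overflow = len(entries) + new_blocks - limit
    return entries[:max(overflow, 0)]

if __name__ == "__main__":
    print("limit:", deny_limit(SAMPLE_CONF), "entries:", len(deny_entries(SAMPLE_DENY)))
    print("pruned after 3 more blocks:", at_risk(SAMPLE_CONF, SAMPLE_DENY, new_blocks=3))
```

Because the manually added rules sit at the top of the file, they are the first entries this model reports, which matches the symptom in the first post: the IPs vanish while the comment headings stay.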