I have both mod_security and CSF installed. I'm using a CDN that triggers some mod_security rules. I'm curious does mod_security need CSF to block IPs? Because I've whitelisted all the CDNs IP in CSF but it appears they might still be blocked when a mod_security rule is triggered. I'm curious...
I just noticed IP addresses in /etc/csf/csf.deny are not being blocked any more since WHM update 98.0.6 I am aware this may be a CSF issue but wanted to share. I thought at first this was just one server but i have checked on 11 servers and all are having same issue.
1. whm1 -...
I am aware that the following alert is coming from CSF about the php-fpm pool:
The server is a brand new installation of cPanel and this is the first account that has been loaded on to the server. All configs are default for cPanel and PHP as well as CSF.
Is this really actually...
actualmente tenemos un servidor dedicado únicamente para cPanel con las siguientes características:
1 TB de almacenamiento
12 GB Ram
8 nucleos CPU
Nuestro servidor mantiene principalmente servicios de correo, paginas web, hechas con WordPress y prestashop en su mayoría, y lo que...
I have many clients getting their IP blocked from failed logins to SMTP. Oddly, it only effects Outlook/Office365.
Full disclosure this is due to the client having bad credentials set in their Outlook client.
The firewall is correctly blocking these.
My question is: why does the IP get...
Hello, actually i seen a website providing DDos as service for just 2.99$ for 2 Days -_- with 10 Gbit/s Speed.
For test, i done DDoS on my server and it does down !
I'm surprised to see, in just 3$ anyone can down our server for two days.
They have theses DDoS Methods :
All over the internet the wisdom to determine if csf is on or off is to run the command:
service csf status
Yet, if I first bring down csf with csf -x and then run that command, I see:
service csf status
Redirecting to /bin/systemctl status csf.service
● csf.service - ConfigServer...
Good afternoon! I thought I would check out the new WHM 96 Nginx feature. one magic button click and the server will start using nginx.
What I noticed immediately in the APACHE STATUS screen, all visitors was the server ips ... And in ModSecuity logs, all "hits" were also the server ip.
CSF/LFD alerts are not being forwarded to my email which I've set on Home »Server Contacts »Edit System Mail Preferences.
Where to set the From email in the WHM?
Return-path: <[email protected]>
Received: from root by ns1234 with local (Exim 4.94.2)
(envelope-from <[email protected] ns1234>)
Today after a CSF scan I have notice this:
Check php for enable_dl or disabled dl()
You should set:
enable_dl = Off
This prevents users from loading php modules that affect everyone on the server. Note that if use dynamic libraries, such as ioncube, you will have to load them...
I have CSF installed on the server and have been using it for a while.
I have ICMP=ON but I cannot ping my server. This started only happening after WHM Update 94.07 (Even 94.08).
Disabling CSF allows ICMP pings to come in.
I'm using the recommended settings that CSF Firewall recommends but I found a cPanel article(Advanced PHP Configuration | cPanel & WHM Documentation) that says
Do not edit the /opt/cpanel/ea-php##/root/etc/php-fpm.conf file or the files in the /opt/cpanel/ea-php##/root/etc/php-fpm.d/ directory...
we recived the messages:
Time: Thu Apr 1 06:00:14 2021 -0500
The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it...
We are configuring a new server with a client with cPanel 94, CloudLinux and CSF on CentOS 7. The CSF Server Service Check script suggests that Shell Fork Bomb Protection should be enabled , but pressing the 'Enable Protection' button doesn't change the status from disabled. `/etc/profile` was a...
Hello, how are you guys?
So I tried to search about this issue and see a lot of people suffering from the same thing (usually on VPS / OpenVZ)
So like everybody, I am too suffering issues with these 2 modules in CSF and I tried one for all to solve the issue.
I talk with my hosting and we get...
in CSF I see Chain CC_ALLOW (1 references)
with 20,000 plus lines of IP and IP blocks?
I checked some of the ups and they are to flooring website, another is att.com another is noop.net
why so many IP's have I been hacked or is this a CSF IP thing where they added all this in the chain...
My csf firewall has CC_DENY = enabled blocking countries like China & Russia however I am wondering will that block email providers using servers in CN/RU too? I have users who may have email providers in China/Russia that I need to get delivered to so how can I allow those?
I started get the email:
The service “cpsrvd” appears to be down.
Service Check Method
The system failed to connect to this service’s TCP/IP port.
cpsrvd: [HTTP/1.0 200 OK != HTTP/1.x 200 OK] [received_key=