1. Y

    CSF Firewall recommendations

    I'm using the recommended settings that CSF Firewall recommends but I found a cPanel article(Advanced PHP Configuration | cPanel & WHM Documentation) that says Do not edit the /opt/cpanel/ea-php##/root/etc/php-fpm.conf file or the files in the /opt/cpanel/ea-php##/root/etc/php-fpm.d/ directory...
  2. 000

    email CSF: "...If the change is unexpected it should be investigated", how investigate?

    Hello, we recived the messages: Time: Thu Apr 1 06:00:14 2021 -0500 The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it...
  3. S

    Shell Fork Bomb Protection Disabled

    We are configuring a new server with a client with cPanel 94, CloudLinux and CSF on CentOS 7. The CSF Server Service Check script suggests that Shell Fork Bomb Protection should be enabled , but pressing the 'Enable Protection' button doesn't change the status from disabled. `/etc/profile` was a...
  4. N

    CSF Firewall Missing 2 Module (insmod)

    Hello, how are you guys? So I tried to search about this issue and see a lot of people suffering from the same thing (usually on VPS / OpenVZ) So like everybody, I am too suffering issues with these 2 modules in CSF and I tried one for all to solve the issue. I talk with my hosting and we get...
  5. Spirogg

    SOLVED CSF Chain CC_ALLOW (1 references)

    in CSF I see Chain CC_ALLOW (1 references) with 20,000 plus lines of IP and IP blocks? I checked some of the ups and they are to flooring website, another is att.com another is noop.net why so many IP's have I been hacked or is this a CSF IP thing where they added all this in the chain...
  6. H

    csf firewall blocking countries - How can I allow outbound connections to email providers

    Hello, My csf firewall has CC_DENY = enabled blocking countries like China & Russia however I am wondering will that block email providers using servers in CN/RU too? I have users who may have email providers in China/Russia that I need to get delivered to so how can I allow those?
  7. T

    SMTP_BLOCK option with CSF

    I try to add SMTP_BLOCK option with CSF which will disable SMTP restriction per account. Can you provide steps to perform this SMTP_BLOCK and port values like 465 or 587 and mailing server like GMAIL?
  8. L

    The service “cpsrvd” appears to be down. When CSF enable.

    I started get the email: Notification The service “cpsrvd” appears to be down. Service Check Method The system failed to connect to this service’s TCP/IP port. Reason cpsrvd: [HTTP/1.0 200 OK != HTTP/1.x 200 OK] [received_key= [LEFT] JavaScript is disabled in your browser. For WHM to...
  9. S

    SOLVED CSF country block but allow DNS

    I've searched everywhere but couldn't find a solution, hopefully someone here knows a way. When using ConfigServer Firewall and configuring via WHM to use CC_DENY to block various countries, is there a way to whitelist a port or service such as DNS or exclude it from the country block? I've...
  10. WebHostPro

    Is there a way to block total server access to all but one IP?

    I have a server we need to block all access to but a single IP. Any idea how I can do this? I believe it would be with CSF or directly with IP tables. Ideally I would like to do it in WHM.
  11. J

    CSF csf.pignore syntax for suspicious process

    I know a lot of Cpanel users are running CSF/LFD. I've searched and read many posts on this topics before but I still don't find it clear what specific syntax to use in the csf.pignore file. These is the type of warning I'm trying to ignore. lfd[5333]: *Suspicious Process* PID:3792 PPID:3788...
  12. T

    How to stop firewall system notification alerts

    Hi, how can I stop firewall alert notifications on the system? I am using a CSF firewall with Centos 7, due to security reasons I blocked SSH port access since I had KVM access. now the issue is the KVM viewer becomes so messed up ... the alerts keep popping up even if I open nano or vi...
  13. P

    Issue With CSF , UDP Ports not Filtering.

    Hello buddies , previously when I was install CSF on my server then in check-host.net my ip's UDP Ports are showing Opened or Filtered. But in my new server I installed CSF but in check-host.net UDP Ports showing connection refused. These UDP_IN and UDP_OUT ports in firewall configuration ...
  14. M

    CSF problems

    Hi, In primary server i have WHM/cPanel, but in secondary server where only keep backups i did this: -I installed: CentOS 8 + Postfix + Mailx + CSF -I configured parameters in "/etc/csf/csf.conf" But one thing not work correctly: -I added contries to parameter "CC_DENY" but CSF not block IPs...
  15. L

    csf ct_limit and connlimit

    Hi, I have an issue with csf and too many connections from specifics IPs. I'll have a few times a week one uniques IPs that have a few hundred connections to my server. Exemple : tcp 0 0 51.68.xx,xx:80 138.68.xx,xx:57019 TIME_WAIT - tcp 0 0...
  16. Motamedi

    Problem connecting to ftp after enabling csf

    hello My problem is that when connecting to ftp if csf is enabled, ftp cannot be connected But if ip in csf allow the connection is established ! How to fix a problem that connected to ftp without having to allow ip in csf? thanks ...
  17. D

    Is server without CSF secure?

    I am not using CSF. Without it is the server safe?
  18. S

    CSF and Country Blocking

    We have a vps (WHM) running CSF that is currently blocking China via the Country Block option. Unfortunately we have clients that now have regular contact with China based suppliers and it appears the country block is stopping legitimate emails being received. Is there a way to allow specific...
  19. S

    CSF alert shows 2 different PHP versions

    Hi all, Sometimes we receive the following CSF alert: User:username PID:1104717 PPID:1037364 Run Time:89(secs) Memory:669564(kb) RSS:34536(kb) exe:/opt/alt/php56/usr/bin/php-cgi cmd:/opt/cpanel/ea-php73/root/usr/bin/php-cgi /home/username/public_html/index.php Does anyone know why exe shows...
  20. G

    Adding to CSF's Temporary Deny via PHP

    I'm using CSF (ConfigServer Firewall). Can you guys suggest a way to add an IP to the Temporary Deny list from a user's PHP? I know how to do it with the CSF GUI and by SSH, but I'm hoping to figure out a way to add IPs that try to access certain pages that don't exist (like "wp-login.php")...