1. 7

    Mod_Security Block Time and CSF

    I have both mod_security and CSF installed. I'm using a CDN that triggers some mod_security rules. I'm curious does mod_security need CSF to block IPs? Because I've whitelisted all the CDNs IP in CSF but it appears they might still be blocked when a mod_security rule is triggered. I'm curious...
  2. D

    CSF no longer blocking IP Address after WHM update 98.0.6

    Hi Team, I just noticed IP addresses in /etc/csf/csf.deny are not being blocked any more since WHM update 98.0.6 I am aware this may be a CSF issue but wanted to share. I thought at first this was just one server but i have checked on 11 servers and all are having same issue. 1. whm1 -...
  3. BlueSteam

    LFD Alerts from CSF about php-fpm Excessive resource usage for Virtual Memory Size

    Hi All, I am aware that the following alert is coming from CSF about the php-fpm pool: The server is a brand new installation of cPanel and this is the first account that has been loaded on to the server. All configs are default for cPanel and PHP as well as CSF. Is this really actually...
  4. I

    Configuración optima de procesos cPanel

    Buenas, actualmente tenemos un servidor dedicado únicamente para cPanel con las siguientes características: 1 TB de almacenamiento 12 GB Ram 8 nucleos CPU Nuestro servidor mantiene principalmente servicios de correo, paginas web, hechas con WordPress y prestashop en su mayoría, y lo que...
  5. R

    CSF SMTP AUTH Blocking Issue

    I have many clients getting their IP blocked from failed logins to SMTP. Oddly, it only effects Outlook/Office365. Full disclosure this is due to the client having bad credentials set in their Outlook client. The firewall is correctly blocking these. My question is: why does the IP get...
  6. A

    Allowing Ports in CSF via Command Line

    Is there any way to allow an Port in CSF without navigating to WHM >> CSF >> Firewall Configuration
  7. A

    Secure Server From DDos Attacks via CSF

    Hello, actually i seen a website providing DDos as service for just 2.99$ for 2 Days -_- with 10 Gbit/s Speed. For test, i done DDoS on my server and it does down ! I'm surprised to see, in just 3$ anyone can down our server for two days. They have theses DDoS Methods : UDPMIX DOMINATE DNS ACK...
  8. J

    SOLVED csf status same regardless on or off

    Hello. All over the internet the wisdom to determine if csf is on or off is to run the command: service csf status Yet, if I first bring down csf with csf -x and then run that command, I see: service csf status Redirecting to /bin/systemctl status csf.service ● csf.service - ConfigServer...
  9. T

    WHM 96 Nginx Visitor IP for ModSec and CSF

    Good afternoon! I thought I would check out the new WHM 96 Nginx feature. one magic button click and the server will start using nginx. What I noticed immediately in the APACHE STATUS screen, all visitors was the server ips ... And in ModSecuity logs, all "hits" were also the server ip. I...
  10. C

    How to set "From" email for the server for CSF/LFD alerts?

    Hello, CSF/LFD alerts are not being forwarded to my email which I've set on Home »Server Contacts »Edit System Mail Preferences. Where to set the From email in the WHM? Return-path: <[email protected]> Received: from root by ns1234 with local (Exim 4.94.2) (envelope-from <[email protected] ns1234>) id...
  11. N

    New php.ini file on php-internal from cPanel or Imunify?

    Hello, Today after a CSF scan I have notice this: PHP Check Check php for enable_dl or disabled dl() You should set: enable_dl = Off This prevents users from loading php modules that affect everyone on the server. Note that if use dynamic libraries, such as ioncube, you will have to load them...
  12. W

    After latest WHM Update, CSF is blocking all ICMP Requests

    I have CSF installed on the server and have been using it for a while. I have ICMP=ON but I cannot ping my server. This started only happening after WHM Update 94.07 (Even 94.08). Disabling CSF allows ICMP pings to come in. Any ideas?
  13. Y

    CSF Firewall recommendations

    I'm using the recommended settings that CSF Firewall recommends but I found a cPanel article(Advanced PHP Configuration | cPanel & WHM Documentation) that says Do not edit the /opt/cpanel/ea-php##/root/etc/php-fpm.conf file or the files in the /opt/cpanel/ea-php##/root/etc/php-fpm.d/ directory...
  14. 000

    email CSF: "...If the change is unexpected it should be investigated", how investigate?

    Hello, we recived the messages: Time: Thu Apr 1 06:00:14 2021 -0500 The following list of files have FAILED the md5sum comparison test. This means that the file has been changed in some way. This could be a result of an OS update or application upgrade. If the change is unexpected it...
  15. S

    Shell Fork Bomb Protection Disabled

    We are configuring a new server with a client with cPanel 94, CloudLinux and CSF on CentOS 7. The CSF Server Service Check script suggests that Shell Fork Bomb Protection should be enabled , but pressing the 'Enable Protection' button doesn't change the status from disabled. `/etc/profile` was a...
  16. N

    CSF Firewall Missing 2 Module (insmod)

    Hello, how are you guys? So I tried to search about this issue and see a lot of people suffering from the same thing (usually on VPS / OpenVZ) So like everybody, I am too suffering issues with these 2 modules in CSF and I tried one for all to solve the issue. I talk with my hosting and we get...
  17. Spirogg

    SOLVED CSF Chain CC_ALLOW (1 references)

    in CSF I see Chain CC_ALLOW (1 references) with 20,000 plus lines of IP and IP blocks? I checked some of the ups and they are to flooring website, another is att.com another is noop.net why so many IP's have I been hacked or is this a CSF IP thing where they added all this in the chain...
  18. H

    csf firewall blocking countries - How can I allow outbound connections to email providers

    Hello, My csf firewall has CC_DENY = enabled blocking countries like China & Russia however I am wondering will that block email providers using servers in CN/RU too? I have users who may have email providers in China/Russia that I need to get delivered to so how can I allow those?
  19. T

    SMTP_BLOCK option with CSF

    I try to add SMTP_BLOCK option with CSF which will disable SMTP restriction per account. Can you provide steps to perform this SMTP_BLOCK and port values like 465 or 587 and mailing server like GMAIL?
  20. L

    The service “cpsrvd” appears to be down. When CSF enable.

    I started get the email: Notification The service “cpsrvd” appears to be down. Service Check Method The system failed to connect to this service’s TCP/IP port. Reason cpsrvd: [HTTP/1.0 200 OK != HTTP/1.x 200 OK] [received_key= [LEFT] JavaScript is disabled in your browser. For WHM to...