csf

  1. T

    CSF and Log entries for an Apache version 4

    I try to fix entries CSF and Log entries for an Apache version 2.4: CUSTOM1_LOG = "/etc/apache2/logs/domlogs/*/*" Is it the correct CUSTOM1_LOG = "/etc/apache2/logs/domlogs/*/*" Need help.
  2. C

    How to allow port 2195 for Apple Push Notification in CentOS with WHM/cPanel?

    I want to allow port 2195 for Apple PN. I've tried running various commands and running more commands to test it but I can't figure out if it is added or enabled. I've WHM/cPanel with centOS 7.9. I've added port 2195 in CSF Home / Plugins / ConfigServer Security & Firewall, TCP_IN and TCP_OUT...
  3. A

    Port 3001 affects MySQL Service

    Hi. I have added port 3001 to TCP_OUT in CSF configuration because I need to connect an external API, but I notice that the change affects the MySQL service and the load up to 4000% in the WHM process manager. When I remove the port 3001 from the TCP_OUT configuration, everything was back to...
  4. keat63

    Does anyone have any experience with CSF mailscanner

    Guys Does anyone have any experience with CSF mail Scanner FE. I'm getting no where on thier forum, and I've a situatin that's driving me nuts. Our server is under some form of virus attack at the moment. I've put things in place to protect us, however, mailscanner is sending the below message...
  5. Spirogg

    SOLVED Just got email from csf that httpd got deleted ?

    Hi just wondering if anyone else got this today after updating ea4 today.
  6. leonep

    csf does not BAN ip for all rules. some rules just blocked on modsec, other rules ban IP

    Hi, I have ModSecurity 2.9 and OWASP Rule v3.3.0 running on my box Cloudlinux/nginx proxy/Apache 2.4 (+mod_remoteip) Some rules ban IPs on CSF , other rules just block on moddesc and no CSF ban... i have all triggers correctly in apache logs and correct setup in csf...
  7. Spirogg

    Excessive resource usage Executable: /usr/lib/systemd/systemd Command Line: (sd-pam)

    Hello, I am aware that CSF reports these via email, but I have never seen this with one of my websites . usually its /usr/bin/curl or /opt/cpanel/ea-php7.4/root/usr/sbin/php-fpm or /opt/cpanel/ea-php8/root/usr/sbin/php-fpm but never systemd or command line (sd-pam) Any reason you can think of...
  8. Spirogg

    Error: Failed to detect code [LlsNLK7sLm2bxuWS4WvQHdFT3OqCk] in SYSLOG_LOG [/var/log/messages]

    I recently had this issue on a new server installing AlmaLinux 8.5 minimal and then cPanel I guess during OS install - AlmaLinux Minimal did not install rsyslog for some reason or not. UPDATE 02/05/2022 3:21am: Note: The rsyslog package does not come by default on AlmaLinux installations so...
  9. R

    How to only allow certain IPs to hit specific HTML pages?

    I am looking for any Apache or CSF method that will allow me to help better lock down my web server. All my public facing pages are *.HTML pages, all my server processing files are labeled .PHP. Meaning only .PHP files should be accessed by HTML files from my own servers. At the moment, all...
  10. D

    CSF keeps blocking IP addresses of customers.

    I have been using CSF Config Security & Firewalldf for a while now and when I first set it up I had to keep adding customers IP addresses to the "Allow List" cue to being blocked. Now this keeps happening soon as a customer takes their laptop home and uses their house address / IP to access...
  11. GOT

    CSF Allow Causes site to NOT load under very specific conditions

    Its not every day I find something this perplexing, so I thought I would toss this out there to the hive mind and see if anyone can guess what might be going on here. Server is a Centos 7, fully updated server, high end specs, bare metal, latest Release version of cPanel. Running Litespeed...
  12. M

    Searching for an IP in csf /etc/csf/csf.blocklists

    Hello, I have noticed that ConfigServer Security & Firewall has a section called lfd Blocklists that allows blocking IPs with bad reputation however I would like to know if there is a way for detecting IPs blocked due to this rule. It happens that several IP blocks of local IPs in my country...
  13. 7

    Mod_Security Block Time and CSF

    I have both mod_security and CSF installed. I'm using a CDN that triggers some mod_security rules. I'm curious does mod_security need CSF to block IPs? Because I've whitelisted all the CDNs IP in CSF but it appears they might still be blocked when a mod_security rule is triggered. I'm curious...
  14. D

    CSF no longer blocking IP Address after WHM update 98.0.6

    Hi Team, I just noticed IP addresses in /etc/csf/csf.deny are not being blocked any more since WHM update 98.0.6 I am aware this may be a CSF issue but wanted to share. I thought at first this was just one server but i have checked on 11 servers and all are having same issue. 1. whm1 -...
  15. BlueSteam

    LFD Alerts from CSF about php-fpm Excessive resource usage for Virtual Memory Size

    Hi All, I am aware that the following alert is coming from CSF about the php-fpm pool: The server is a brand new installation of cPanel and this is the first account that has been loaded on to the server. All configs are default for cPanel and PHP as well as CSF. Is this really actually...
  16. I

    Configuración optima de procesos cPanel

    Buenas, actualmente tenemos un servidor dedicado únicamente para cPanel con las siguientes características: 1 TB de almacenamiento 12 GB Ram 8 nucleos CPU Nuestro servidor mantiene principalmente servicios de correo, paginas web, hechas con WordPress y prestashop en su mayoría, y lo que...
  17. R

    CSF SMTP AUTH Blocking Issue

    I have many clients getting their IP blocked from failed logins to SMTP. Oddly, it only effects Outlook/Office365. Full disclosure this is due to the client having bad credentials set in their Outlook client. The firewall is correctly blocking these. My question is: why does the IP get...
  18. A

    Allowing Ports in CSF via Command Line

    Is there any way to allow an Port in CSF without navigating to WHM >> CSF >> Firewall Configuration
  19. A

    Secure Server From DDos Attacks via CSF

    Hello, actually i seen a website providing DDos as service for just 2.99$ for 2 Days -_- with 10 Gbit/s Speed. For test, i done DDoS on my server and it does down ! I'm surprised to see, in just 3$ anyone can down our server for two days. They have theses DDoS Methods : UDPMIX DOMINATE DNS ACK...
  20. J

    SOLVED csf status same regardless on or off

    Hello. All over the internet the wisdom to determine if csf is on or off is to run the command: service csf status Yet, if I first bring down csf with csf -x and then run that command, I see: service csf status Redirecting to /bin/systemctl status csf.service ● csf.service - ConfigServer...