csf

  1. T

    How to stop firewall system notification alerts

    Hi, how can I stop firewall alert notifications on the system? I am using a CSF firewall with Centos 7, due to security reasons I blocked SSH port access since I had KVM access. now the issue is the KVM viewer becomes so messed up ... the alerts keep popping up even if I open nano or vi...
  2. P

    Issue With CSF , UDP Ports not Filtering.

    Hello buddies , previously when I was install CSF on my server then in check-host.net my ip's UDP Ports are showing Opened or Filtered. But in my new server I installed CSF but in check-host.net UDP Ports showing connection refused. These UDP_IN and UDP_OUT ports in firewall configuration ...
  3. M

    CSF problems

    Hi, In primary server i have WHM/cPanel, but in secondary server where only keep backups i did this: -I installed: CentOS 8 + Postfix + Mailx + CSF -I configured parameters in "/etc/csf/csf.conf" But one thing not work correctly: -I added contries to parameter "CC_DENY" but CSF not block IPs...
  4. L

    csf ct_limit and connlimit

    Hi, I have an issue with csf and too many connections from specifics IPs. I'll have a few times a week one uniques IPs that have a few hundred connections to my server. Exemple : tcp 0 0 51.68.xx,xx:80 138.68.xx,xx:57019 TIME_WAIT - tcp 0 0...
  5. Motamedi

    Problem connecting to ftp after enabling csf

    hello My problem is that when connecting to ftp if csf is enabled, ftp cannot be connected But if ip in csf allow the connection is established ! How to fix a problem that connected to ftp without having to allow ip in csf? thanks ...
  6. D

    Is server without CSF secure?

    I am not using CSF. Without it is the server safe?
  7. S

    CSF and Country Blocking

    We have a vps (WHM) running CSF that is currently blocking China via the Country Block option. Unfortunately we have clients that now have regular contact with China based suppliers and it appears the country block is stopping legitimate emails being received. Is there a way to allow specific...
  8. S

    CSF alert shows 2 different PHP versions

    Hi all, Sometimes we receive the following CSF alert: User:username PID:1104717 PPID:1037364 Run Time:89(secs) Memory:669564(kb) RSS:34536(kb) exe:/opt/alt/php56/usr/bin/php-cgi cmd:/opt/cpanel/ea-php73/root/usr/bin/php-cgi /home/username/public_html/index.php Does anyone know why exe shows...
  9. G

    Adding to CSF's Temporary Deny via PHP

    I'm using CSF (ConfigServer Firewall). Can you guys suggest a way to add an IP to the Temporary Deny list from a user's PHP? I know how to do it with the CSF GUI and by SSH, but I'm hoping to figure out a way to add IPs that try to access certain pages that don't exist (like "wp-login.php")...
  10. R

    Close All Port But Allow List

    Hello I have a server with centos OS with cpanel control panel and firewall CSF. I want close all output ports except allowed list IPs. would you please help me, how can I close port?
  11. cPanelResources

    Tutorial SMTP Restrictions (WHM) versus SMTP_BLOCK (CSF)

    Overview When attempting to secure your server against spam,you might consider enabling the SMTP Restrictions option in WHM or if you have the third-party ConfigServer Security & Firewall (CSF) plugin, the SMTP_BLOCK feature. This article is designed to explain how these two services affect the...
  12. 000

    What is waiting for ch?

    hello, I have installed CSF + LFD. Each X time I get this message: lfd on SERVER: Excessive resource usage: goodUSER (15835 (Parent PID:29609)) then I seek command to get time process running, and I get: [email protected] [~]# ps -eo pid,cmd,lstart | grep 29609 29609 cpanellogd - waiting for ch...
  13. A

    Ban list of IPs or entire countries?

    Hello. Is there a way to ban CHINA because lot of them or all of traffic are robots and crawlers and malware i have liste of one ASN from one ISP THANK YOU
  14. S

    Where do I add Cloudflare IPs to whitelist them?

    Hi, I am trying to improve performance on my website and have just signed up to Cloudflare free account. As part of the instructions is says to add a number of IP addresses to the server whitelist. I found this post: Cloudflare blocked in firewall alerts which says to add the IPs to...
  15. J

    Firewall configuration file changed?

    I've been running WHM/Cpanel on Servers For at least 12 years along with CSF/LFD. Yesterday all of the sudden the server wouldn't accept WHM connection on port 2087. I immediately tried bringing it up on my mobile phone to see if for some reason by connecting from my hotel the system had auto...
  16. L

    lfd Excessive resource

    Hi, I have an issue and i do not know how to handle. I receive a lot of mails like this Time: Sun Jan 6 13:01:56 2019 +0200 Account: xxxx Resource: Process Time Exceeded: 299479 > 3600 (seconds) Executable: /opt/cpanel/ea-php71/root/usr/bin/lsphp Command Line: lsphp...
  17. K

    SOLVED Manually Force CSF Update

    I see many people using the wrong command to update CSF, it must be in this manner: curl -sL https://download.configserver.com/csupdate | perl Hope this helps Kervol
  18. O

    Unable to find CSF in WebHost Manager

    Hi I have been trying to find the "ConfigServer Security & Firewall" option after updating to versionv76.0.10,any idea on where to find it? I had no problems at all with the v 74, has it been relocated or so? this is what I get when I search for it:
  19. S

    SOLVED Suspicious process running under user

    I would like cPanel/WHM to stop sending me emails about two specific "Suspicious process running under" processes. These two are: 1. Account: redis Executable: /usr/bin/redis-server Command Line: /usr/bin/redis-server 127.0.0.1:6379 2. Account: peertube Executable: /usr/bin/node Command Line...
  20. USA_Webmaster

    Disable lfd email alerts for whitelisted IP?

    I was trying to reply to this thread but forums locked old post -- Viewing Successful Root Login Log --- Hey @cPanelMichael :-D I just checked WHM >> cPHulk Brute Force Protection Whitelist Management tab for VPS WHMCS IP and it's already listed. Why am I still getting email alert lfg...