csf

  1. K

    SOLVED Manually Force CSF Update

    I see many people using the wrong command to update CSF, it must be in this manner: curl -sL https://download.configserver.com/csupdate | perl Hope this helps Kervol
  2. O

    Unable to find CSF in WebHost Manager

    Hi I have been trying to find the "ConfigServer Security & Firewall" option after updating to versionv76.0.10,any idea on where to find it? I had no problems at all with the v 74, has it been relocated or so? this is what I get when I search for it:
  3. S

    SOLVED Suspicious process running under user

    I would like cPanel/WHM to stop sending me emails about two specific "Suspicious process running under" processes. These two are: 1. Account: redis Executable: /usr/bin/redis-server Command Line: /usr/bin/redis-server 127.0.0.1:6379 2. Account: peertube Executable: /usr/bin/node Command Line...
  4. USA_Webmaster

    Disable lfd email alerts for whitelisted IP?

    I was trying to reply to this thread but forums locked old post -- Viewing Successful Root Login Log --- Hey @cPanelMichael :-D I just checked WHM >> cPHulk Brute Force Protection Whitelist Management tab for VPS WHMCS IP and it's already listed. Why am I still getting email alert lfg...
  5. T

    SOLVED [CPANEL-23314] CSF Suspicious File Alerts (/tmp/pma_template_compiles) after V76 Update

    Hello, I know that CSF/LFD is a non cPanel product, so i do not want to discuss something about it directly (how to disable alerts etc...). After v76 i started to receive this alerts: Suspicious File Alert File...
  6. M

    IP being blocked in firewall - not showing up in lfd.log

    So something on me network is triggering a permanent block on our server. I've searched all the logs in csf.syslog as well as cHulk tools and there's no sign of our public IP. I do a Quick Unblock of the IP via my cell data network (and get confirmation that the IP was in the permanent block...
  7. T

    SOLVED LFD Hung Task Timeout Error

    Hi everyone INFO: task lfd - (child) p:21289 blocked for more than 120 seconds "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this messages This error is appearing every morning on my server , and web pages are not loaded then Anyone can give me advice
  8. durangod

    SOLVED Configserver green ips in deny ip list

    Hi, i know this is not a cpanel issue... But i was wondering if anyone knew what the green text ip's listed in the deny ip mean. I posted a list of about 30 ips that had been running scripts on my site for days now to the deny ip part of configserver via the UI. I noticed when i pasted them...
  9. P

    SOLVED SMTP Restrictions Disabled but Still Blocked

    Hi, I've disabled SMTP restrictions so an account can send email via a third-party SMTP server (Office 365). The issue is, for end-user accounts, port 587 is still blocked despite disabling SMTP restrictions. For root however, it's not blocked - as if SMTP restrictions were still enabled. I've...
  10. O

    SOLVED No hostname found for IP address

    Hi!, We have a problem after upgrade to 74 version of Cpanel, when someone try to generate a conection SMTP to our server and the public IP that is trying to conect doesn't have a reverse DNS, an entrie of wrong syntax is record. LF_EXIMSYNTAX is configurated with 10. After complete 10 access...
  11. S

    Use csf to block incoming hits to extra local IPs?

    My servers main IP is say 204.11.xx.xxx. When I run ifconfig I have a bunch other IPs I've allocated to my server such as 204.11.xx.xxx,204.11.xx.xxx, 204.11.xx.xxx, etc. I don't use these IPs. should I block them with csf? how? I don't want to block anything incoming to my main IP of...
  12. S

    csf.conf not rotating csf.deny entires?

    I have a problem I think. I'm running cPanel 72.0.7. I have mod_security2 blocking wp-login.php hack attempts. It works fine. Entires are added to /etc/csf.deny automatically per the rule. Problem is when my csf.deny hits the DENY_IP_LIMIT (set to 2000) defined in csf.conf, it does not...
  13. A

    Unable to install CSF Firewall

    I have VPS server on Godaddy with Cent OS 5.9 virtuozzo and are 50 websites hosted there. Currently I faced lots of BrutForce attacks from different countries. Also they, hackers, entered into WHM and changed different settings even though I am continually changing my password. To protect from...
  14. D

    Disable alert from CSF for Excessive resource usage?

    hello please help anyone... im very new with cpanel i just received email alert like 10 emails per 10 second its huge emails, like 300 emails per hours or more and i want to know how to stop alert notification from root for Excessive resource usage: Virtual Memory in WHM where location to...
  15. M

    Mod_Security blocking WordPress logins

    Hello, I'm currently experiencing issues with CSF in the following cases : - Mod_Security rules give error 406 wordpress when trying to login through wp-admin - Disabling Mod_security on the Website's Cpanel solves the issues but is insecure. Rules for SMTP are way too strict resulting...
  16. I

    CSF is blocking googlebot

    My website - Removed - cannot be crawl by Googlebot. The error message is "Network Unreachable" Then i disable CSF and the result on Google Sitemap is OK. Please help, how to set my CSF not to block Googlebot. Thanks.
  17. P

    SOLVED Help with CSF custom regex

    Hi, I was wondering if someone might be able to help me understand why the following ConfigServer Firewall custom regex entry doesn't work. My /var/log/exim_mainlog gets flooded with entries like: 2018-06-10 10:10:34 SMTP connection from hostname [xx.xx.xx.xx]:52250 lost D=10s There are...
  18. E

    Accessing CSF through WHM as a reseller

    Hi, I know this is not related to you, for the "Config server Firewall", I have granted the access, but the page won't open: Access denied Thanks!
  19. cPanelResources

    Tutorial CSF/LFD - Excessive Resource Usage - Process Time

    Excessive Resource Usage - Process Time (PT_USERTIME) These are the notifications we see support requests for most commonly. These are emails sent to the administrator of the server due to excessive process time. While this can be a legitimate concern, identifying processes that are or are not...
  20. D

    Possible to install CSF via WHM GUI?

    I have a server where it seems that another admin has disabled or blocked port 22 and I am unable to ssh into it now (scanned with nmap to confirm this too). I have WHM browser/GUI access but there doesn't seem to be the CSF add-on installed. Is it possible to install this so that I can open...