I have been trying to find the "ConfigServer Security & Firewall" option after updating to versionv76.0.10,any idea on where to find it? I had no problems at all with the v 74, has it been relocated or so?
this is what I get when I search for it:
I would like cPanel/WHM to stop sending me emails about two specific "Suspicious process running under" processes.
These two are:
Command Line: /usr/bin/redis-server 127.0.0.1:6379
I was trying to reply to this thread but forums locked old post -- Viewing Successful Root Login Log
Hey @cPanelMichael :-D
I just checked WHM >> cPHulk Brute Force Protection Whitelist Management tab for VPS WHMCS IP and it's already listed. Why am I still getting email alert lfg...
I know that CSF/LFD is a non cPanel product, so i do not want to discuss something about it directly (how to disable alerts etc...).
After v76 i started to receive this alerts:
Suspicious File Alert
So something on me network is triggering a permanent block on our server. I've searched all the logs in csf.syslog as well as cHulk tools and there's no sign of our public IP.
I do a Quick Unblock of the IP via my cell data network (and get confirmation that the IP was in the permanent block...
INFO: task lfd - (child) p:21289 blocked for more than 120 seconds
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this messages
This error is appearing every morning on my server , and web pages are not loaded then
Anyone can give me advice
Hi, i know this is not a cpanel issue... But i was wondering if anyone knew what the green text ip's listed in the deny ip mean.
I posted a list of about 30 ips that had been running scripts on my site for days now to the deny ip part of configserver via the UI. I noticed when i pasted them...
Hi, I've disabled SMTP restrictions so an account can send email via a third-party SMTP server (Office 365). The issue is, for end-user accounts, port 587 is still blocked despite disabling SMTP restrictions. For root however, it's not blocked - as if SMTP restrictions were still enabled.
We have a problem after upgrade to 74 version of Cpanel, when someone try to generate a conection SMTP to our server and the public IP that is trying to conect doesn't have a reverse DNS, an entrie of wrong syntax is record. LF_EXIMSYNTAX is configurated with 10. After complete 10 access...
My servers main IP is say 204.11.xx.xxx. When I run ifconfig I have a bunch other IPs I've allocated to my server such as 204.11.xx.xxx,204.11.xx.xxx, 204.11.xx.xxx, etc. I don't use these IPs. should I block them with csf? how? I don't want to block anything incoming to my main IP of...
I have a problem I think. I'm running cPanel 72.0.7. I have mod_security2 blocking wp-login.php hack attempts. It works fine. Entires are added to /etc/csf.deny automatically per the rule.
Problem is when my csf.deny hits the DENY_IP_LIMIT (set to 2000) defined in csf.conf, it does not...
I have VPS server on Godaddy with Cent OS 5.9 virtuozzo and are 50 websites hosted there. Currently I faced lots of BrutForce attacks from different countries. Also they, hackers, entered into WHM and changed different settings even though I am continually changing my password.
To protect from...
please help anyone...
im very new with cpanel
i just received email alert like 10 emails per 10 second
its huge emails, like 300 emails per hours or more
and i want to know
how to stop alert notification from root for Excessive resource usage: Virtual Memory
in WHM where location to...
I'm currently experiencing issues with CSF in the following cases :
- Mod_Security rules give error 406 wordpress when trying to login through wp-admin - Disabling Mod_security on the Website's Cpanel solves the issues but is insecure.
Rules for SMTP are way too strict resulting...
My website - Removed - cannot be crawl by Googlebot. The error message is "Network Unreachable" Then i disable CSF and the result on Google Sitemap is OK.
Please help, how to set my CSF not to block Googlebot.
Hi, I was wondering if someone might be able to help me understand why the following ConfigServer Firewall custom regex entry doesn't work.
My /var/log/exim_mainlog gets flooded with entries like:
2018-06-10 10:10:34 SMTP connection from hostname [xx.xx.xx.xx]:52250 lost D=10s
Excessive Resource Usage - Process Time (PT_USERTIME)
These are the notifications we see support requests for most commonly. These are emails sent to the administrator of the server due to excessive process time. While this can be a legitimate concern, identifying processes that are or are not...
I have a server where it seems that another admin has disabled or blocked port 22 and I am unable to ssh into it now (scanned with nmap to confirm this too). I have WHM browser/GUI access but there doesn't seem to be the CSF add-on installed. Is it possible to install this so that I can open...