CSF blocking user's own website

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
after installed csf firewall our user is not able to view their own website.
Note : he can view all other website except thir own

so i asked user for their local ISP's ip address & i found that their local ISP IP address is blocked in csf firewall etc/csf.deny

122.169.75.94 # lfd: 10 (pop3d) login failures from 122.169.75.94 in the last 300 secs - Thu Apr 23 16:25:59 2009

this ip blocked for pop3 login failures & he is not able to view their own website

this is not good idea with CSF firewall.
 

thewebhosting

Well-Known Member
May 9, 2008
1,199
1
68
Yes, it's a good idea to stop dictionary attack. I would not recommend to disable it.

If you wish then you can add the IP address 122.169.75.94 in CSF firewall "Allow IP list" from WHM -> CSF -> Allow IP. Once you do this IP address 122.169.75.94 will not be getting blocked in CSF.
 

crazyaboutlinux

Well-Known Member
Nov 3, 2007
939
1
66
Yes, it's a good idea to stop dictionary attack. I would not recommend to disable it.

If you wish then you can add the IP address 122.169.75.94 in CSF firewall "Allow IP list" from WHM -> CSF -> Allow IP. Once you do this IP address 122.169.75.94 will not be getting blocked in CSF.
this is not a static IP
 

Infopro

Well-Known Member
May 20, 2003
17,076
523
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
let me know step to do this

Your user needs to login correctly. If they don't they should be blocked.

If you did set their IP to the bypass list and that user got a virus on their PC or became a disgruntled user you wouldn't want them to be allowed to bypass anything.

We block at 5 failed logins and our users learned quickly to be sure they are logging in correctly. It's for the users own account protection.

If you need to know more about your settings in CSF, you should take a close look at the docs for it and the configuration page itself.

You can also choose to only temp ban them if you wish. It's all in the config and much more.

Good Luck. :)
 

Lyttek

Well-Known Member
Jan 2, 2004
775
5
168
Your user needs to login correctly. If they don't they should be blocked.

If you did set their IP to the bypass list and that user got a virus on their PC or became a disgruntled user you wouldn't want them to be allowed to bypass anything.

We block at 5 failed logins and our users learned quickly to be sure they are logging in correctly. It's for the users own account protection.
I'll second this. Turning off protection because a user can't get the configuration correct on their email client (or whatever) leaves everyone else on the machine open. It's NOT good to disable this, as you're only treating the symptom and not the actual problem... not a good way to run a server.