CSF + CPhulk, iptables missing chain

[SactoBob]

Hello,

I recently installed a new cpanel from scratch. I started with CPHulk enabled as usual. On another server CPHulk chains show up in iptables:

Chain INPUT (policy ACCEPT)
target prot opt source destination
acctboth all -- anywhere anywhere
cphulk all -- anywhere anywhere
cP-Firewall-1-INPUT all -- anywhere anywhere

However, on the new server, when I installed CSF, the CPhulk chain is missing. I've toggled CPHulk off/on to be sure and no change. And according to CPHulk there are IPs in the block list, but they do not show in iptables.

Did something not install correctly or do I need manually or rerun a script to put the CPHulk chains back?

 

[SactoBob]

Also this is a Centos 7 server. It seems the recommendation of CSF for C7 isn't sufficient? I saw this line:

• While you can use the iptables command for temporary firewall rules, we recommend that you only use the firewall utilities on CentOS 7, CloudLinux 7, and RHEL 7 servers.

So are we saying now firewalld + CSF + CPHulk????

 

[SactoBob]

Hmm, well this answers this question..

Error: *Error* firewalld found to be running. You must stop and disable firewalld when using csf, at line 635

 

[SactoBob]

Hello, me again. So I've removed csf and turned on firewalld per the cpanel/centos 7 recommendation quoted above. However, my issue still remains. There's no CPHulk chains and CPHulk is not working. I tested it by purposely get a login block. CPHulk reports the IP blocked, but the IP doesn't showup in iptables -L and I've still able to attempt repeated logins. I've stopped/started and did

How do I get the CPHulk chains back?

Thanks,

 

[cPanelMichael]

However, on the new server, when I installed CSF, the CPhulk chain is missing. I've toggled CPHulk off/on to be sure and no change. And according to CPHulk there are IPs in the block list, but they do not show in iptables.

Hello,

Do you have "Block IP addresses at the firewall level if they trigger brute force protection" enabled in "WHM Home » Security Center » cPHulk Brute Force Protection"?

Thank you.