CSF's CC_ALLOW_FILTER blocking cURL

GoWilkes

Well-Known Member
Sep 26, 2006
495
12
168
cPanel Access Level
Root Administrator
I was having an issue with this before in that it was blocking AutoSSL, but @cPanelLauren helped me get that straight. So I turned CC_ALLOW_FILTER back on, only allowing US,MP,PR.

Positive: spam cut down by 95%, and server load is purring much better

Downside: I just discovered that none of my cURL scripts were working. No errors anywhere, they just didn't respond. I just now disabled CSF, and they all started working, so I know that this is the culprit.

Any suggestions on what I can do to make it work properly? If it helps, this is the function I use in PHP:

Code:
// Usage:
// $data = getFile('https://www.example.com/whatever.xml');

function getFile($url, $getInfo=false) {
    $t = false;

    if (strpos($url, 'http') === 0) {
        $ch = curl_init(filter_var($url, FILTER_VALIDATE_URL));
            curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36');
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
            curl_setopt($ch, CURLOPT_TIMEOUT, 180);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

        $t = curl_exec($ch);

        if ($getInfo && $t) {
            $arr = curl_getinfo($ch);
            $t     = $arr['http_code'] === 200 ? $arr[$getInfo] : false;
        }

        curl_close($ch);
    }

    return $t;
}
 

cPSamuelM

Technical Analyst Team Lead
Staff member
Nov 20, 2019
196
37
103
USA
cPanel Access Level
Root Administrator
Hello @GoWilkes

I would recommend reviewing the following log files:

/var/log/lfd.log
/var/log/messages

These log files may well have some relevant entries if CSF is blocking requests.

Another troubleshooting step I would suggest to take PHP out of the equation would be to try connecting to the URL in your script manually. You could use curl on the command line, or other tools such as the command line browser "lynx" or even telnet to see if you can connect to the remote host on port 443. If you can successfully connect using one of these methods, that may indicate that the issue is actually with the PHP script.

Note, we do not develop CSF and our knowledge of it is limited. You may have better luck obtaining guidance from the CSF developers or in their community forums at: ConfigServer Technical Support
 
Thread starter Similar threads Forum Replies Date
G Security 2
T Security 1