Disable ConfigServer Security & Firewall

bmchunu

Member
May 7, 2007
9
0
151
How do I completely disable and remove ConfigServer Security & Firewall

Its stuff up one of my clients server.
 

AndyReed

Well-Known Member
PartnerNOC
May 29, 2004
2,221
4
193
Minneapolis, MN
You should stop the service first, un-install it, then restart IPtables.
 

psychodreams

Well-Known Member
Apr 14, 2004
84
0
156
:)

Agreed i used apf firewall and bfd for a long time just recently switched personally i think its much better. There mailscanner service is awesome too
 

brianoz

Well-Known Member
Mar 13, 2004
1,146
7
168
Melbourne, Australia
cPanel Access Level
Root Administrator
What do you mean by "stuff up"? If you can be a bit more explicit about what's gone wrong we could give you some advice about how to make it work for you. Overall, a correctly installed firewall can save you many hours of work in the future by protecting you - and CSF is by far the best currently available.

If you run "csf" without any options you'll see a usage message, I beleive you can use "csf -x" to disable it until you have time to work out what the problems were. It will stay disabled until you explicitly re-enable it if you use csf -x -- you'll need to use "csf -e" to re-enable it.
 

sparek-3

Well-Known Member
Aug 10, 2002
1,983
218
343
cPanel Access Level
Root Administrator
the only problem with it, is that it has a tendency to block innocent FTP users.
I believe the default setting is that lfd checks for 5 FTP login failures within a 5 minute period. I raised this to 20 failures within a 5 minute period. All that being said, if a user would use common sense, then there really should not be any legitimate blocking. It cannot be stressed enough, if you are trying to log into something and the client or application you are using to log in with says "bad username and password" continuing to attempt to log in with that same username and password is not going to help. Users need to be aware that if they receive a bad username and password error message, then they need to take a step back, make retype the password, double check the username, and if it still doesn't work, investigate further. That might mean contacting their webhost or logging into their control panel and changing the password to something that they know.

Of course, if your talking about lfd blocking something other than bad login attempts, then this is not really relevant to your situation.
 

cooldude7273

Well-Known Member
Jan 11, 2004
359
0
166
Roswell, GA
You could even completely disable the check watching for failed ftp logins...
 

danserv

Member
Oct 6, 2006
8
0
151
cooldude, would you be able to tell me how to do that? Every day I get about 30 emails saying "my IP's been blocked", and my emails say that they were logging in incorrectly roughly 200 times!

It causes hell, but I prefer CSF to APF any day.
 

cooldude7273

Well-Known Member
Jan 11, 2004
359
0
166
Roswell, GA
cooldude, would you be able to tell me how to do that? Every day I get about 30 emails saying "my IP's been blocked", and my emails say that they were logging in incorrectly roughly 200 times!

It causes hell, but I prefer CSF to APF any day.
After clicking on Firewall Configuration, theres a box with LF_FTPD next to it. Right now it has a 1 in it (meaning "enabled"), change it to a 0 to disable it.

Hope that helps!
 

felosi

Active Member
Aug 27, 2006
39
0
156
yeah, csf is awesome I wouldnt have a server without it. On LFD failures I usually put 10 , dont seem to have many problems with that. It bans very few legit users but I guess it would be good to make a knowledgebase article for it.
 

sneader

Well-Known Member
Aug 21, 2003
1,178
57
178
La Crosse, WI
cPanel Access Level
Root Administrator
cooldude, would you be able to tell me how to do that? Every day I get about 30 emails saying "my IP's been blocked", and my emails say that they were logging in incorrectly roughly 200 times!

It causes hell, but I prefer CSF to APF any day.
I have a suspicion that these multiple incorrectly logged in users are people trying to use Internet Explorer as an FTP client. I had one user recently with this problem, and after he switched to a real FTP client, the problem went away. Curious if this is the same problem you are having...

- Scott

EDIT: above I had said "people trying to use Internet Explorer as a web browser." Duh, I meant people trying to use IE as an FTP client. I corrected my sentence above to avoid further communication. What I had was a user trying to use his IE browser for FTP, and it seemed to cause all sorts of login failures, amongst login successes... when he hit the failure limit, it would add him to the IP block list. He changed to a real FTP client and the problem went away.
 
Last edited:

brianoz

Well-Known Member
Mar 13, 2004
1,146
7
168
Melbourne, Australia
cPanel Access Level
Root Administrator
cooldude, would you be able to tell me how to do that? Every day I get about 30 emails saying "my IP's been blocked", and my emails say that they were logging in incorrectly roughly 200 times!

It causes hell, but I prefer CSF to APF any day.
There's also a RELAYHOSTS setting in CSF which prevents clients that have authenticated over POP getting blocked. This stops most of your clients getting blocked most of the time, and is a great timesaver.