The problem is likely due to an incorrect configuration, not CSF itself. Did you even bother to test that everything was working CSF after deploying it?
We are using CSF with great success on several servers; life would simply not be the same without Chirpy and his excellent software
Agreed i used apf firewall and bfd for a long time just recently switched personally i think its much better. There mailscanner service is awesome too
What do you mean by "stuff up"? If you can be a bit more explicit about what's gone wrong we could give you some advice about how to make it work for you. Overall, a correctly installed firewall can save you many hours of work in the future by protecting you - and CSF is by far the best currently available.
If you run "csf" without any options you'll see a usage message, I beleive you can use "csf -x" to disable it until you have time to work out what the problems were. It will stay disabled until you explicitly re-enable it if you use csf -x -- you'll need to use "csf -e" to re-enable it.
If you run "csf" without any options you'll see a usage message, I beleive you can use "csf -x" to disable it until you have time to work out what the problems were. It will stay disabled until you explicitly re-enable it if you use csf -x -- you'll need to use "csf -e" to re-enable it.
I believe the default setting is that lfd checks for 5 FTP login failures within a 5 minute period. I raised this to 20 failures within a 5 minute period. All that being said, if a user would use common sense, then there really should not be any legitimate blocking. It cannot be stressed enough, if you are trying to log into something and the client or application you are using to log in with says "bad username and password" continuing to attempt to log in with that same username and password is not going to help. Users need to be aware that if they receive a bad username and password error message, then they need to take a step back, make retype the password, double check the username, and if it still doesn't work, investigate further. That might mean contacting their webhost or logging into their control panel and changing the password to something that they know.
Of course, if your talking about lfd blocking something other than bad login attempts, then this is not really relevant to your situation.
After clicking on Firewall Configuration, theres a box with LF_FTPD next to it. Right now it has a 1 in it (meaning "enabled"), change it to a 0 to disable it.
Hope that helps!
I have a suspicion that these multiple incorrectly logged in users are people trying to use Internet Explorer as an FTP client. I had one user recently with this problem, and after he switched to a real FTP client, the problem went away. Curious if this is the same problem you are having...
- Scott
EDIT: above I had said "people trying to use Internet Explorer as a web browser." Duh, I meant people trying to use IE as an FTP client. I corrected my sentence above to avoid further communication. What I had was a user trying to use his IE browser for FTP, and it seemed to cause all sorts of login failures, amongst login successes... when he hit the failure limit, it would add him to the IP block list. He changed to a real FTP client and the problem went away.
Last edited:
There's also a RELAYHOSTS setting in CSF which prevents clients that have authenticated over POP getting blocked. This stops most of your clients getting blocked most of the time, and is a great timesaver.
