The Community Forums

Interact with an entire community of cPanel & WHM users.
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disable ConfigServer Security & Firewall

Discussion in 'cPanel Developers' started by bmchunu, May 31, 2007.

  1. bmchunu

    bmchunu Member

    Joined:
    May 7, 2007
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    How do I completely disable and remove ConfigServer Security & Firewall

    Its stuff up one of my clients server.
     
  2. Fernis

    Fernis Well-Known Member

    Joined:
    Oct 28, 2006
    Messages:
    192
    Likes Received:
    1
    Trophy Points:
    18
    cd /etc/csf
    sh uninstall.sh
     
  3. ppopcn

    ppopcn Member

    Joined:
    Nov 12, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    1
    why do you want uninstall it ??
     
  4. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    You should stop the service first, un-install it, then restart IPtables.
     
  5. Stefaans

    Stefaans Well-Known Member

    Joined:
    Mar 5, 2002
    Messages:
    451
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Vancouver, Canada
    The problem is likely due to an incorrect configuration, not CSF itself. Did you even bother to test that everything was working CSF after deploying it? :eek:

    We are using CSF with great success on several servers; life would simply not be the same without Chirpy and his excellent software ;)
     
  6. psychodreams

    psychodreams Well-Known Member

    Joined:
    Apr 14, 2004
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    :)

    Agreed i used apf firewall and bfd for a long time just recently switched personally i think its much better. There mailscanner service is awesome too
     
  7. danserv

    danserv Member

    Joined:
    Oct 6, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    the only problem with it, is that it has a tendency to block innocent FTP users.
     
  8. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    What do you mean by "stuff up"? If you can be a bit more explicit about what's gone wrong we could give you some advice about how to make it work for you. Overall, a correctly installed firewall can save you many hours of work in the future by protecting you - and CSF is by far the best currently available.

    If you run "csf" without any options you'll see a usage message, I beleive you can use "csf -x" to disable it until you have time to work out what the problems were. It will stay disabled until you explicitly re-enable it if you use csf -x -- you'll need to use "csf -e" to re-enable it.
     
  9. sparek-3

    sparek-3 Well-Known Member

    Joined:
    Aug 10, 2002
    Messages:
    1,381
    Likes Received:
    23
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    I believe the default setting is that lfd checks for 5 FTP login failures within a 5 minute period. I raised this to 20 failures within a 5 minute period. All that being said, if a user would use common sense, then there really should not be any legitimate blocking. It cannot be stressed enough, if you are trying to log into something and the client or application you are using to log in with says "bad username and password" continuing to attempt to log in with that same username and password is not going to help. Users need to be aware that if they receive a bad username and password error message, then they need to take a step back, make retype the password, double check the username, and if it still doesn't work, investigate further. That might mean contacting their webhost or logging into their control panel and changing the password to something that they know.

    Of course, if your talking about lfd blocking something other than bad login attempts, then this is not really relevant to your situation.
     
  10. cooldude7273

    cooldude7273 Well-Known Member

    Joined:
    Jan 11, 2004
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Roswell, GA
    You could even completely disable the check watching for failed ftp logins...
     
  11. danserv

    danserv Member

    Joined:
    Oct 6, 2006
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    cooldude, would you be able to tell me how to do that? Every day I get about 30 emails saying "my IP's been blocked", and my emails say that they were logging in incorrectly roughly 200 times!

    It causes hell, but I prefer CSF to APF any day.
     
  12. cooldude7273

    cooldude7273 Well-Known Member

    Joined:
    Jan 11, 2004
    Messages:
    363
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Roswell, GA
    After clicking on Firewall Configuration, theres a box with LF_FTPD next to it. Right now it has a 1 in it (meaning "enabled"), change it to a 0 to disable it.

    Hope that helps!
     
  13. felosi

    felosi Active Member

    Joined:
    Aug 27, 2006
    Messages:
    39
    Likes Received:
    0
    Trophy Points:
    6
    yeah, csf is awesome I wouldnt have a server without it. On LFD failures I usually put 10 , dont seem to have many problems with that. It bans very few legit users but I guess it would be good to make a knowledgebase article for it.
     
  14. sneader

    sneader Well-Known Member

    Joined:
    Aug 21, 2003
    Messages:
    1,126
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    La Crosse, WI
    cPanel Access Level:
    Root Administrator
    I have a suspicion that these multiple incorrectly logged in users are people trying to use Internet Explorer as an FTP client. I had one user recently with this problem, and after he switched to a real FTP client, the problem went away. Curious if this is the same problem you are having...

    - Scott

    EDIT: above I had said "people trying to use Internet Explorer as a web browser." Duh, I meant people trying to use IE as an FTP client. I corrected my sentence above to avoid further communication. What I had was a user trying to use his IE browser for FTP, and it seemed to cause all sorts of login failures, amongst login successes... when he hit the failure limit, it would add him to the IP block list. He changed to a real FTP client and the problem went away.
     
    #14 sneader, Jun 18, 2007
    Last edited: Jun 18, 2007
  15. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    There's also a RELAYHOSTS setting in CSF which prevents clients that have authenticated over POP getting blocked. This stops most of your clients getting blocked most of the time, and is a great timesaver.
     
Loading...

Share This Page