How to ignore a single PHP file in all websites

LukeDouglas

Active Member
Nov 22, 2010
34
1
58
I want to ignore CONFIGSERVER warnings for a single file, "STATE.php", on all websites.

Code:
'/home/XXXXXXXX/public_html/plugins/system/bfnetwork/bfnetwork/tmp/STATE.php'
Universal decode regex match = [universal decoder]
I tried this code but it appears to not be working as I'm still getting warnings.

Code:
# bypass MySites STATE.php file
# Joomla
cmd:/usr/bin/php /usr/local/cpanel/public_html/plugins/system/bfnetwork/bfnetwork/tmp/STATE.php
# Wordpress
cmd:/usr/bin/php /usr/local/cpanel/public_html/wp-content/plugins/mywpguru/bfnetwork/tmp
Any ideas?
 

kodeslogic

Well-Known Member
Apr 26, 2020
259
85
103
IN
cPanel Access Level
Root Administrator
Code:
# bypass MySites STATE.php file
# Joomla
cmd:/usr/bin/php /usr/local/cpanel/public_html/plugins/system/bfnetwork/bfnetwork/tmp/STATE.php
# Wordpress
cmd:/usr/bin/php /usr/local/cpanel/public_html/wp-content/plugins/mywpguru/bfnetwork/tmp
Is the mentioned line added to file /etc/csf/csf.pignore ?
 

LukeDouglas

Active Member
Nov 22, 2010
34
1
58
Is the mentioned line added to file /etc/csf/csf.pignore ?
Yes. In fact the following Code is what I have in the /etc/csf/csf.pignore file.

Code:
# bypass MySites STATE.php file
# Joomla
cmd:/usr/bin/php /usr/local/cpanel/public_html/plugins/system/bfnetwork/bfnetwork/tmp/STATE.php
# Wordpress
cmd:/usr/bin/php /usr/local/cpanel/public_html/wp-content/plugins/mywpguru/bfnetwork/tmp
 

ffeingol

Well-Known Member
PartnerNOC
Nov 9, 2001
599
193
343
cPanel Access Level
DataCenter Provider
I believe the message that you are quoting is from CXS (exploit scanner) not CSF (firewall). The ignore file for CXS is /etc/cxs/cxs.ignore and I believe the syntax would be:

Code:
hfile:/public_html/plugins/system/bfnetwork/bfnetwork/tmp/STATE.php
 
  • Like
Reactions: cPRex

LukeDouglas

Active Member
Nov 22, 2010
34
1
58
It is actually the /etc/csf/csf.pignore where I put your code. So I have added your code to the /etc/cxs/csx.ignore file.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
4,836
597
273
cPanel Access Level
Root Administrator
Thanks for the details, @ffeingol. @LukeDouglas, these questions might be better directed at the ConfigServer team (ConfigServer Community Forum - Index page) as cPanel doesn't control that software. We're pretty good at handling most CSF issues, but I personally would not have noticed this was CSX as that just isn't something we deal with regularly.