Problem with csf+lfd blocking dj's ip's

Have you tried whitelisting their IPs in CSF? Please note that CSF is a product of ConfigServer Security & Firewall, so the best option is to post on their forum at this location:

ConfigServer Scripts Forum • Index page

 

My suggestion would be to disable LFD until you've heard back from them on their forum. It seems likely that the LFD logs should have more details on why the IP is being blocked. I believe they are in /var/log and called lfd.log or something of that nature.

 

In the /etc/csf/csf.conf file (also, this is WHM > Plugins > ConfigServer Security & Firewall > Firewall Configuration option), it has the following:

To disable LFD, you would need to set this to 0, then restart the firewall.

 

I wouldn't disable CSF for anything, myself. Instead, I'd make sure I'm being emailed on every event from CSF/LFD and let the log tell me why this user gets blocked.

 

Unfortunately, if the user cannot have their customers access the server due to constant blocks for the dynamic IPs, then until they review the logs and have CSF help with what is occurring, disabling LFD is the only possible course of action from what I can see. Disabling LFD will only disable the blocking mechanisms for that firewall, the other firewall rules already in existence will still function for CSF.

It's similar to having to shut down cPHulk Brute Force Protection due to being blocked until a method is determined on how to allow access for the customers trying to reach the machine. I don't see much choice in this instance in order to keep the customers able to access the machine, but that's just my personal opinion.