2

I've installed CSF on ubuntu 14.04 using their official install guide. After disabling UFW with the following command:

sudo ufw disable

then I have modified csf.conf with the following values: (comments removed to make question cleaner)

###############################################################################
# SECTION:Integrated User Interface
###############################################################################
...
UI = "1"
...
UI_PORT = "443"
...
UI_USER = "<user>"
...
UI_PASS = "<pass>"
...
UI_TIMEOUT = "300"
...
UI_CHILDREN = "5"
...
UI_RETRY = "5"
...
UI_BAN = "1"
...
UI_ALLOW = "0"
...
UI_BLOCK = "1"
...
UI_ALERT = "1"
...
UI_CIPHER = "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:!kEDH"
...
UI_SSL_VERSION = "SSLv23:!SSLv2"
...
UI_CXS = "0"
...
UI_CSE = "0"

and restarted CSF with

sudo csf -r

However I cannot access CSF UI from browser no matter what .

note: this is not my first try, I used a secure port with UI_ALLOW=1 first time for a secure setup but as that didn't work changed the port to something which is allowed by default and disabled ui_allow.

note2: the documentation says UI is part of LFD and LFD is disabled while TESTING = "1" , so I also tried disabling testing with no success .

Running netstat -ant does not show anything listening on port 443.

What steps should I take to diagnose this issue? (anything that would help is appreciated , e.g. log files to check , commands to try , etc.)

Additional information :

sudo csf -v
csf: v7.15 (generic)

uname -a
Linux git 3.13.0-36-generic #63-Ubuntu SMP Wed Sep 3 21:30:07 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

error code from browser (tested chrome and firefox):

Error code: ERR_CONNECTION_REFUSED

using Certificates shipped with CSF


CSF readme part 23 is also about this subject, I installed packages that was listed there also to no available.

if I missed anything relevant, post in comments and I will provide them

masegaloeh
  • 17,978
  • 9
  • 56
  • 104
Bor691
  • 213
  • 4
  • 14

2 Answers2

2

it really helps to write a question here to find answer :P

while gathering info to write this question , when i was looking for csf log file to include in question i noticed that LFD has a separate log file here:

/var/log/lfd.log

there i found this line:

Sep 30 17:46:13 git lfd[6555]: *Error* Cannot run csf UI - Perl module IO::Socket::SSL required

even though i did installed it apparently csf -r does not restart lfd so it didn't notice it was installed , you should restart lfd separately with

sudo service lfd restart

also this related problem's solution which i found while searching might be useful to someone else : http://forum.configserver.com/viewtopic.php?f=5&t=4924

Bor691
  • 213
  • 4
  • 14
0

After 6 years. I still face with this issue when not read careful the guideline.

My config error:

UI_IP = "127.0.0.1"

This config works:

# Optionally set the IP address to bind to. Normally this should be left blank
# to bind to all IP addresses on the server.
#
# If the server is configured for IPv6 but the IP to bind to is IPv4, then the
# IP address MUST use the IPv6 representation. For example 1.2.3.4 must use
# ::ffff:1.2.3.4
#
# Leave blank to bind to all IP addresses on the server
UI_IP = "::ffff:127.0.0.1"
Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
Toan Ha
  • 1
  • 2