Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [csf]

ConfigServer Security & Firewall

A Packet Inspection (SPI) firewall and Login/Intrusion Detection application for Linux servers. Combines firewall with log monitoring tools for general Linux security protection. Web interface works from cpanel or webmin.

http://configserver.com/cp/csf.html

121 questions
1
vote
1 answer

limiting ip range on openvpn server

We're trying to setup a openvpn server on centos 6. We have blocked all IP adresses except a couple in a whitelist via /etc/hosts.deny, also we did the same with csf.deny (except for the whitelist). This block seems to be working, can't reach the…
DDdW
  • 113
  • 4
1
vote
0 answers

CSF+LFD not blocking brute force on xmlrpc.php on Wordpress site

I have just installed csf+lfd on my rackspace cloud server (a vanilla LAMP stack running centos 6.7). I only tweaked a couple of settings in the default csf.conf file: the ports allowed in TCP_IN and TCP6_IN, and then set RESTRICT_SYSLOG to 3. I…
bhu Boue vidya
  • 111
  • 4
1
vote
1 answer

Unblock All Ports in CSF?

I have CSF installed on a cPanel server and know that I believe that I can unblock ports specifically for outgoing connections in the /etc/csf/csf.conf file. It looks like this line can just be edited: # Allow outgoing TCP ports TCP_OUT =…
Username
  • 23
  • 1
  • 3
1
vote
1 answer

Suspicious Linux binary file in /tmp/ - Munin?

I have a CENTOS 6.6 x86_64 server running ConfigServer Firewall (installed by us) and Munin (installed by the datacentre). CSF has recently (and for no apparent reason) started sending us warnings, at 5 minutes past the hour, about a suspicious file…
JamesG
  • 115
  • 6
1
vote
2 answers

Can't block spammy IP

I'm being attacked by 37.59.4.76. It's sending me a great amount of data, which is destroying my dataplan. I've added the iptables Chain num pkts bytes target prot opt in out source destination DENYIN …
Hedam
  • 183
  • 2
  • 8
1
vote
0 answers

CSF Configuration Ignore NodeJS for Excessive Time

I am getting a lot of these: Excessive resource usage: *account* (9580 (Parent PID:9574)) Time: Sat Oct 18 15:20:00 2014 -0400 Account: *account* Resource: Process Time Exceeded: 4832714 > 1800 (seconds) Executable: …
Corey
  • 111
  • 2
1
vote
2 answers

NUMIPTENT is too low to add 5333 rules (CSF firewall error)

The VPS iptables rule limit (numiptent) is too low to add 5333 rules (19469/24000) CSF stopped working spontaneously today. Saying it can't start because it can't add 5333 rules to an apparent total of 24,000. The firewall has been configured to…
Horace
  • 13
  • 5
1
vote
1 answer

SSH connection gets dropped when attempting to deploy site using rocketeer

I'm trying to deploy a Laravel site to a development server (cPanel based) using Rocketeer. I am having a problem maintaining the SSH connection, and the server is dropping the connection after initially establishing a connection. The process is…
Ali Samii
  • 121
  • 1
  • 9
1
vote
0 answers

CSF LFD suspicious process under user apache

I think my server got DOS'ed via HTTP(port 80). When I checked apache access log, it showed that specific IPs requested /GET/HTTP1.1 more than 150 times in a minute. And I've been trying to limit connection per IP via CSF. However after I installed…
Vahn18
  • 11
  • 1
  • 2
1
vote
1 answer

CSF cc_deny is not working

I tried to block a country in CSF Firewall I followed this post http://www.2daygeek.com/how-to-block-a-country-using-csf-firewall/ to block ip from China cc_deny ="CN" While I execute csf -r I didn't see it block any ip block CC_DENY all opt -- in…
Adrian
  • 45
  • 1
  • 2
  • 6
1
vote
1 answer

CSF Blocking IP on Fail POP3 and cPanel

I have a VPS with cPanel and i am running around 400+ email accounts under a Office Network, I don't have STATIC IP but i am facing issue when any 1 of employee forget the password and try to access it too many times so cPanel Blocks the IP and…
Amanullah Tanweer
  • 19
  • 2
1
vote
3 answers

csf stop emails related to Process Tracking

I have enabled LSF with CSF since I would like to receive some informations but I am being bombed by the CSF with similar emails: Subject: lfd on [Hostname]: Excessive resource usage: www-data Time: Sun Jan 19 21:29:17 2014 +0100 Account:…
Armand
  • 115
  • 8
1
vote
1 answer

Proxmox 31 + KVM routing + IP subnet + csf

We have proxmox 3.1 server in netzner with routuing network and IP subnet block. We want to implement csf firewall without interfering the traffic of the KVM VMs, what would be the easiest way? We readed that we should add this lines to…
KeyJey
  • 11
  • 3
1
vote
2 answers

IPTABLES nat maintaining source IP address with CSF

We have been using CSF on a virtualized (OpenVZ) environment successfully for a while combining venet and bridged interfaces so we can use public IPs + local addressed virtual systems. Kernel IP routing table Destination Gateway …
luison
  • 273
  • 1
  • 7
  • 21
1
vote
1 answer

csf/lfd parameter that prevent smtp attacks?

I have a 4~5MB logwatch like this every day! someone like to hack my smtp: .... --------------------- sasl auth daemon Begin ------------------------ SASL Authentications failed 3965 Time(s) Service smtp (pam) - 3965 Time(s): Realm - 3959…
exim
  • 127
  • 1
  • 3
1 2
3
8 9