Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [csf]

ConfigServer Security & Firewall

A Packet Inspection (SPI) firewall and Login/Intrusion Detection application for Linux servers. Combines firewall with log monitoring tools for general Linux security protection. Web interface works from cpanel or webmin.

http://configserver.com/cp/csf.html

121 questions
1
vote
0 answers

CSF: Changing portflood settings to deny IP longer than second interval?

I've recently been under attack and I'm configuring CSF firewall for my Ubuntu server (latest). I found out portflood settings only block the ip for the specified second count, but I would like separate times. I was thinking forever, but even an…
user3456789877
  • 9
  • 1
1
vote
1 answer

LFD always stops working after ~30 days, until I give /etc/csf/csf.pl -r

When I give /etc/csf/csf.pl -r , I see lots of lines flushing, then I begin to get the notification emails again, (several emails per day), for example: Time: Wed Sep 12 08:39:47 2012 +0800 IP: 221.13.104.162 (CN/China/-) Failures: 5…
Doochz
  • 141
  • 3
1
vote
0 answers

CSF/LFD configuration settings

/bin/gtar -c -f - -X /home/{USER}/cpbackup-exclude.conf -X /etc/cpbackup-exclude.conf . How can I white list these strings? I've tried stuff like: pcmd: /bin/gtar -c -f - -X /home/* and still reports them. I don't want to whitelist the execu since…
Tiffany Walker
  • 6,541
  • 13
  • 53
  • 77
1
vote
2 answers

Automatic 777 file permissions when uploading files

When I upload new files to my CentOS server, with cPanel and CSF the files are all given 0777 permissions automatically. How do I change this? I don't want all my files to have 0777 permissions by default.
Anders
  • 207
  • 1
  • 2
  • 7
1
vote
1 answer

Config Server Firewall: You need to install the missing perl modules and then install cxs

I am trying to install config server firewall however when i follow the tutorial and run install.sh i get the following error. Can anyone help? root@localhost:~/csf# sh install.sh Configuring for OS Running csf generic installer Installing…
h00j
  • 378
  • 6
  • 21
1
vote
3 answers

How do I secure my OpenVZ host node?

I'm running a server using OpenVZ for a few websites. Nothing in HN except for sshd. A VM for Varnish, a VM for MySQL and a few VMs each for one website (running Apache/PHP). Now I'd like to secure this server, mostly from network attack (I…
jcisio
  • 588
  • 1
  • 9
  • 22
1
vote
1 answer

Block large number of IP addresses

I am running a centos server with WHM and Cpanel and using CSF as the firewall. I would like to block a whole range of IP addresses. I wanted to start off with China, and got a list of IP's from http://www.countryipblocks.net/ - this amounts to…
JonoB
  • 27
  • 2
1
vote
1 answer

Can you load more files (instead of csf.allow) in CSF? like *.conf in Apache?

Currently I keep all of the blocked IPs for my CSF firewall in a single "csf.deny" file which is getting difficult to maintain. In an attempt to organize things a bit more (since not ALL of the IP blocks I deny changes frequently), I was wondering…
user85569
  • 178
  • 1
  • 5
1
vote
1 answer

csf firewall deny

How can I pass a comment to the command csf -d so I do not have to edit csf.deny, find the line and add a comment as to why it was manually denied?
Joey BagODonuts
  • 1,635
  • 2
  • 16
  • 16
1
vote
1 answer

CSF log files Interpretation

I just installed CSF firewall on my server and I have started seeing the following entries in my log file. Can some one help me understanding as to what is happening Thanks Feb 25 10:45:19 li235-57 kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT=…
Sparsh Gupta
  • 1,117
  • 7
  • 20
  • 31
1
vote
4 answers

How to check if CSF firewall is running

My ex-system admin installed CSF on a server witout Admin panel. I can see CSF installed but I am not sure if its currently running or not. I dont want to try to start / stop it. I realized there is no PID file concept in CSF and I am finding it…
Sparsh Gupta
  • 1,117
  • 7
  • 20
  • 31
1
vote
1 answer

CSF / LFD picking up suspicious users in OpenVZ containers

I have OpenVZ running on a box with CSF / LFD installed. I like the way LFD can alert me of suspicious processes running on the HardwareNode itself. However, LFD is emailing me about every suspicious process that the VE's are running. Is there a…
Squeeb
  • 152
  • 1
  • 13
1
vote
1 answer

CSF Firewall - priority

If a whitelisted IP (csf.allow) uses the wrong password more than 5 times, are they then automatically added to csf.deny? If so, does csf.deny OVERULE csf.allow so that they would be denied access?
Owen
  • 356
  • 5
  • 19
1
vote
1 answer

Will running CSF & Bastille cause any conflicts?

I'm taking my first steps into the world of un-managed servers, and have confused myself whilst reading through the 101 tutorials on server hardening that Google spews out! The most recent advice I have been given is to install both CSF and Bastille…
Mathew
  • 287
  • 1
  • 3
  • 9
1
vote
0 answers

Failed to start IPv4 firewall with iptables

I'm running CentOS 8 Webserver and recently I had some issues with the CSF Firewall, the CSF Service is running but the LFD is failed. I did some research and I was able to fix it by doing iptables --flush (I'm not sure it was the problem…
Ahmed Suror
  • 119
  • 6
1 2 3
8 9