Questions tagged [csf]

ConfigServer Security & Firewall

A Stateful Packet Inspection (SPI) firewall and Login/Intrusion Detection application for Linux servers. Combines a firewall with log monitoring tools for general Linux security protection. The web interface works from cPanel or Webmin.

http://configserver.com/cp/csf.html

121 questions
1
vote
1 answer

csf: how to override TCP_IN?

I'm using csf v14.05 on my Debian-8-based server. In csf.conf, I have the following: TCP_IN = "53,80,110,119,143,443,465,587,953,993,995" I want to selectively override this in csf.deny, only for certain specific host/port combinations, as in the…
HippoMan
  • 165
  • 8
0
votes
1 answer

iptables shows a warning message but I am unable to solve it

When I typed this command in SSH to see rules, it returns the following warning message in iptables. I am wondering what it is and how to solve it. iptables -L LOG tcp -- anywhere anywhere limit: avg 30/min burst 5…
Don Dilanga
  • 232
  • 2
  • 8
0
votes
2 answers

Defending from random GET requests

I am getting attacked, and my site is constantly receiving thousands of requests like this GET /?HMPCL=INQUVOBHZ HTTP/1.1 I have mod-security installed, waf comodo and csf. Even mod-security blocks these and add in csf.deny ips are still managing…
Luka
  • 375
  • 5
  • 21
0
votes
2 answers

/usr/sbin/amavisd-new - why is pcmd/regex not working for this command in csf.pignore?

For some reason I cannot get CSF's LFD (/etc/csf/csf.pignore) to ignore amavisd-new running via perl. The daemon runs via /usr/bin/perl /usr/sbin/amavisd-new (some mode) however it seems that when I use regex based pcmd:, LFD won't ignore it. Is…
dhaupin
  • 113
  • 7
0
votes
1 answer

pptp gre in csf firewall

I have a senior problem. When I want to connect a pptp over a tap adaptor or a pptp connection, I get disconnected and get these errors in the messages logs: linux pptpd[20275]: GRE: read(fd=7,buffer=60a400,len=8260) from network failed: status = -1…
alireza m
  • 13
  • 1
  • 7
0
votes
1 answer

CSF Firewall unblock countries

I've a VPS Server running CENTOS 6.7 x86_64 with CSF Firewall activated. Sometimes I see in "Firewall Deny IPs" that blocks suddenly connections from my country (Spain) to some of my clients. Not with everybody and not everyday, but 2-3 times per…
0
votes
1 answer

Why is lfd prematurely removing blocks?

As you can see in the excerpted log file below (from /var/log/lfd.log), lfd is prematurely removing temporary blocks that it imposes on IPs: Apr 7 13:07:59 host lfd[32117]: (wordpressxmlrpc) Request of xmlrpc.php. None of our users legitimately…
rinogo
  • 329
  • 4
  • 13
0
votes
1 answer

How does CT_LIMIT (the csf firewall setting) work?

I've been wondering if the csf firewall counts the connections for the last CT_INTERVAL seconds and then compares them to the CT_LIMIT value, or it just counts the current (at the moment) connections and then compares them to CT_LIMIT? Because, if…
Shumoapp
  • 101
  • 3
0
votes
2 answers

Haproxy logging doesn't work. Does that have anything to do with csf?

Does Haproxy log every time a connection is made? I have followed instructions from other threads to set up logging via rsyslogd. Even though the files are created (haproxy.log,haproxy-info.log and haproxy-allbutinfo.log), no logs have been written…
RedGiant
  • 211
  • 3
  • 14
0
votes
0 answers

CSF ignore list skips some ignore exclusions

I have tried to prevent sending Suspicious File Alert emails which contain: File: /tmp/netatop-0.5/netatop.init Reason: Script, starts with #! File: /tmp/netatop-0.5/mkversion Reason: Script, starts with #! by…
JackTheKnife
  • 371
  • 1
  • 6
  • 22
0
votes
1 answer

How to block all traffic which is headed to a particular domain

I have recently added an IP address to my VPS. The problem is that the previous owner has abandoned the domain name with its nameservers set on this IP. Although any access to this domain is denied by my firewall (CSF), my problem is that I get lots…
developer
  • 535
  • 2
  • 8
  • 15
0
votes
0 answers

exim queue notification if a domain is sending more than x number of emails

I am running Exim as an MTA. I have also implemented a Per hour Per domain email Limit. Still I see that my IP reputation goes bad if a spammer sends more than x amount of emails in 24 hours or so. I want to set up a notification email so that if a…
Waqas Khan
  • 181
  • 1
  • 1
  • 7
0
votes
1 answer

Can't connect to Ubuntu VPS via SSH, SFTP

When I try to log in to my VPS using SSH and SFTP, it does not connect to the server. Then I power off and power on the VPS through the VPS provider control panel (DigitalOcean). Once it boots up, for the first few seconds I can access the server; after a few minutes…
Chathu
  • 87
  • 1
  • 11
0
votes
1 answer

How do I use CSF to redirect domain requests to a port?

I have a server setup that uses two different webservers with different subdomains. Right now the servers listen on different ports (80 & 4000). So users don't have to put in :4000, I'd like to have traffic from a different domain route port 80…
0
votes
1 answer

CSF not adding IPs to deny file as a cron during high loads

I'm running a cron every minute to thwart brute-force attacks. awk '{print $2}' < ipkill.txt | while read ip; do #query geographical info IP address curl -o country.txt ipinfo.io/$ip #parse the JSON result pull the country …
Horace
  • 13
  • 5