csf

  1. D

    How to block wp-cron.php HTTP requests via Apache or CSF

    Hi Team, As wp-cron.php is a known performance issue and loop hole on WP platform. I have several servers and want to implement a blanket protection rule to stop wp-cron.php being accessed externally. Yes I am aware you can disable wp-cron.php in /wp-config.php with directive and also implement...
  2. J

    IP blocked in firewall won't unblock

    We have a customer that's been automatically FTPing a webcam file (that shows the local surf conditions) from IP 1.2.3.4 to 10.11.12.13 every 5 minutes for years. Suddenly, they started getting this: Error message: "connection failed check username and password" We use cPHulk, CSF/LFD, CXS...
  3. W

    SOLVED Error: csf is being restarted, try again in a moment..

    Hello When try to restart CSF get this error Error: csf is being restarted, try again in a moment: Resource temporarily unavailable at /usr/sbin/csf line 185. This happen on 2 server.. at this time. Any cPanel / csf upgrade issue/bug? Thanks
  4. D

    SOLVED High server load unless lfd is stopped, issue only started the last few days

    Within the last few days I have been experiencing a very high server load, to the point where the only way to reboot the server is to hard reset it. Had the hosting provider look at it and they gave me suggestions about disabling wp-cron on sites and scheduling the tasks through the cpanel...
  5. J

    Excessive resource usage and csf default install

    Hello. I hope everyone is safe and healthy. I've read the post about exessive resource usage here: https://forums.cpanel.net/threads/lfd-reporting-excessive-resource-usage-suspicious-process-spamd-child.628743/ In my case yes, I'm receiving a lot of exessive resource usage notifications such...
  6. H

    Security Check Advice

    Using CSF firewall, I'm aware it's a plugin and not a cPanel product but it suggests doing so, the question is, should I: Mail Check Check exim for secure authentication (if I require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the...
  7. R

    CSF processing order of permit/deny lists?

    In CSF, Questions: 1. what gets processed first - permit lists or block lists? 2. What about permitted ports defined in the "General Configuration -> IPv4 Port Settings" versus the IP permit/block lists - what comes first? 3. I presume a more specific block (x.x.x.x/32) overrides a more...
  8. EagleDotNet

    I need to open Minecraft port on cpanel

    I installed minecraft bedrock server on my cPanel on vps server, after many attempts to install and run the server I finally succeeded in running it, but I could not access it because the port 19132 was not opened. I used CSF firewall and I tried very hard to open the port through it and it did...
  9. A

    SOLVED csf not blocking IPs

    Hello I have cPanel latest version 106.0.9 and csf my os is : centos 7 I Noticet blocked IPs in the csf.deny can still access server normally I have reinstall csf same problem any one face same probem ?
  10. T

    CSF and Log entries for an Apache version 4

    I try to fix entries CSF and Log entries for an Apache version 2.4: CUSTOM1_LOG = "/etc/apache2/logs/domlogs/*/*" Is it the correct CUSTOM1_LOG = "/etc/apache2/logs/domlogs/*/*" Need help.
  11. C

    How to allow port 2195 for Apple Push Notification in CentOS with WHM/cPanel?

    I want to allow port 2195 for Apple PN. I've tried running various commands and running more commands to test it but I can't figure out if it is added or enabled. I've WHM/cPanel with centOS 7.9. I've added port 2195 in CSF Home / Plugins / ConfigServer Security & Firewall, TCP_IN and TCP_OUT...
  12. A

    Port 3001 affects MySQL Service

    Hi. I have added port 3001 to TCP_OUT in CSF configuration because I need to connect an external API, but I notice that the change affects the MySQL service and the load up to 4000% in the WHM process manager. When I remove the port 3001 from the TCP_OUT configuration, everything was back to...
  13. keat63

    Does anyone have any experience with CSF mailscanner

    Guys Does anyone have any experience with CSF mail Scanner FE. I'm getting no where on thier forum, and I've a situatin that's driving me nuts. Our server is under some form of virus attack at the moment. I've put things in place to protect us, however, mailscanner is sending the below message...
  14. Spirogg

    SOLVED Just got email from csf that httpd got deleted ?

    Hi just wondering if anyone else got this today after updating ea4 today.
  15. leonep

    csf does not BAN ip for all rules. some rules just blocked on modsec, other rules ban IP

    Hi, I have ModSecurity 2.9 and OWASP Rule v3.3.0 running on my box Cloudlinux/nginx proxy/Apache 2.4 (+mod_remoteip) Some rules ban IPs on CSF , other rules just block on moddesc and no CSF ban... i have all triggers correctly in apache logs and correct setup in csf...
  16. Spirogg

    Excessive resource usage Executable: /usr/lib/systemd/systemd Command Line: (sd-pam)

    Hello, I am aware that CSF reports these via email, but I have never seen this with one of my websites . usually its /usr/bin/curl or /opt/cpanel/ea-php7.4/root/usr/sbin/php-fpm or /opt/cpanel/ea-php8/root/usr/sbin/php-fpm but never systemd or command line (sd-pam) Any reason you can think of...
  17. Spirogg

    Error: Failed to detect code [LlsNLK7sLm2bxuWS4WvQHdFT3OqCk] in SYSLOG_LOG [/var/log/messages]

    I recently had this issue on a new server installing AlmaLinux 8.5 minimal and then cPanel I guess during OS install - AlmaLinux Minimal did not install rsyslog for some reason or not. UPDATE 02/05/2022 3:21am: Note: The rsyslog package does not come by default on AlmaLinux installations so...
  18. R

    How to only allow certain IPs to hit specific HTML pages?

    I am looking for any Apache or CSF method that will allow me to help better lock down my web server. All my public facing pages are *.HTML pages, all my server processing files are labeled .PHP. Meaning only .PHP files should be accessed by HTML files from my own servers. At the moment, all...
  19. D

    CSF keeps blocking IP addresses of customers.

    I have been using CSF Config Security & Firewalldf for a while now and when I first set it up I had to keep adding customers IP addresses to the "Allow List" cue to being blocked. Now this keeps happening soon as a customer takes their laptop home and uses their house address / IP to access...
  20. GOT

    CSF Allow Causes site to NOT load under very specific conditions

    Its not every day I find something this perplexing, so I thought I would toss this out there to the hive mind and see if anyone can guess what might be going on here. Server is a Centos 7, fully updated server, high end specs, bare metal, latest Release version of cPanel. Running Litespeed...