1. S

    ModSec no longer triggering CSF blocks

    I've just noticed that ModSec trigger events are no longer resulting in CSF temp or perm IP blocks. Not 100% sure when this started happening. But LFD stats don't show any LF_MODSEC block triggers within the last 30 days. This is happening across two servers. Neither of which have had any...
  2. T

    Country Code Lookups setting MM_LICENSE_KEY inside CSF

    How to set Country Code Lookups setting MM_LICENSE_KEY must be set in /etc/csf/csf.conf to continue using the MaxMind dat An error was thrown when I restart CSF. https://blog.maxmind.com/2019/12/significant-changes-to-accessing-and-using-geolite2-databases/ I have logged in and set a...
  3. spaceman

    Wordfence plugin for WordPress still recommended if running csf on CloudLinux?

    Hi All, We're running multi-tenant CloudLinux servers with csf (configserver security and firewall). Assuming the above are appropriately configured, updated, etc., is it still smart for individual WordPress sites to use the very popular Wordfence firewall/security plugin? The main Pros I can...
  4. R

    I added port in CSF firewall as whitelist but not open port

    I already open the port in WHM CSF firewall configuration but when we connect with Virtualizor Module it say 4081, and 4085 ports are not open. can anyone please give solution regarding this ?
  5. M

    Strange "Check php version" issue

    When I run a "Check server security" on CSF, it gives me this strange message under Check php version. Any version of PHP older than v7.2.* is now obsolete and should be considered a security threat. You should upgrade exclusively to PHP v7.3+: Affected PHP versions: 7.4.33...
  6. I

    CSF set to send emails via SMTP authentication

    Hello, I see that CSF has two options: LF_ALERT_FROM and LF_ALERT_SMTP, but there's no options to set any username and password. I am trying to set SMTP authentication for LFD alerts, so that they'll be directly sent from my SMTP authentication. Is that possible to do so? I tried things like...
  7. S

    NGINX with Reverse Proxy and CSF settings

    Hi all I've recently installed NGINX with Reverse Proxy successfully. The server had ConfigServer Security & Firewall (CSF) installed previous to this and I'm wondering are there any CSF setting that should be changed? For example the lfd average high load emails include an Apache status...
  8. R

    how to block any/all connections from a specific domain?

    As the subject asks, how do I block access from any IP originating from a specific domain? I have CSF enabled and WHM Access enabled, but I can't figure out how to block all access from a specific domain. This domain has hundreds of network ranges that are constantly adding new ones. Instead...
  9. B

    MariaDB and System Resolved process tracking

    I keep getting alerts from CSF saying that MariaDB and System Resolved are using excessive resources (running for longer than the threshold). I have added them to the Process Ignore list: exe:/usr/sbin/mariadbd exe:/usr/lib/systemd/systemd-resolved But no luck. Interestingly, I never had to...
  10. D

    How to block wp-cron.php HTTP requests via Apache or CSF

    Hi Team, As wp-cron.php is a known performance issue and loop hole on WP platform. I have several servers and want to implement a blanket protection rule to stop wp-cron.php being accessed externally. Yes I am aware you can disable wp-cron.php in /wp-config.php with directive and also implement...
  11. J

    IP blocked in firewall won't unblock

    We have a customer that's been automatically FTPing a webcam file (that shows the local surf conditions) from IP to every 5 minutes for years. Suddenly, they started getting this: Error message: "connection failed check username and password" We use cPHulk, CSF/LFD, CXS...
  12. W

    SOLVED Error: csf is being restarted, try again in a moment..

    Hello When try to restart CSF get this error Error: csf is being restarted, try again in a moment: Resource temporarily unavailable at /usr/sbin/csf line 185. This happen on 2 server.. at this time. Any cPanel / csf upgrade issue/bug? Thanks
  13. D

    SOLVED High server load unless lfd is stopped, issue only started the last few days

    Within the last few days I have been experiencing a very high server load, to the point where the only way to reboot the server is to hard reset it. Had the hosting provider look at it and they gave me suggestions about disabling wp-cron on sites and scheduling the tasks through the cpanel...
  14. J

    Excessive resource usage and csf default install

    Hello. I hope everyone is safe and healthy. I've read the post about exessive resource usage here: https://forums.cpanel.net/threads/lfd-reporting-excessive-resource-usage-suspicious-process-spamd-child.628743/ In my case yes, I'm receiving a lot of exessive resource usage notifications such...
  15. H

    Security Check Advice

    Using CSF firewall, I'm aware it's a plugin and not a cPanel product but it suggests doing so, the question is, should I: Mail Check Check exim for secure authentication (if I require clients to connect with SSL or issue the STARTTLS command before they are allowed to authenticate with the...
  16. R

    CSF processing order of permit/deny lists?

    In CSF, Questions: 1. what gets processed first - permit lists or block lists? 2. What about permitted ports defined in the "General Configuration -> IPv4 Port Settings" versus the IP permit/block lists - what comes first? 3. I presume a more specific block (x.x.x.x/32) overrides a more...
  17. EagleDotNet

    I need to open Minecraft port on cpanel

    I installed minecraft bedrock server on my cPanel on vps server, after many attempts to install and run the server I finally succeeded in running it, but I could not access it because the port 19132 was not opened. I used CSF firewall and I tried very hard to open the port through it and it did...
  18. A

    SOLVED csf not blocking IPs

    Hello I have cPanel latest version 106.0.9 and csf my os is : centos 7 I Noticet blocked IPs in the csf.deny can still access server normally I have reinstall csf same problem any one face same probem ?
  19. T

    CSF and Log entries for an Apache version 4

    I try to fix entries CSF and Log entries for an Apache version 2.4: CUSTOM1_LOG = "/etc/apache2/logs/domlogs/*/*" Is it the correct CUSTOM1_LOG = "/etc/apache2/logs/domlogs/*/*" Need help.
  20. C

    How to allow port 2195 for Apple Push Notification in CentOS with WHM/cPanel?

    I want to allow port 2195 for Apple PN. I've tried running various commands and running more commands to test it but I can't figure out if it is added or enabled. I've WHM/cPanel with centOS 7.9. I've added port 2195 in CSF Home / Plugins / ConfigServer Security & Firewall, TCP_IN and TCP_OUT...