csf firewall

You can do country blocking at server's CSF Firewall level outlined at...

If you are having pure-ftpd disconnection or connection issues when uploading many files at once, it could be CSF Firewall's DDOS protection for...

Please fill in any relevant information that applies to you: CentOS Version: i.e. CentOS 7 64bit ? Centmin Mod Version Installed: i.e....

With inspiration from @ethanpil work and my fail2ban work, I am now doing some testing for CSF Firewall native layer 7 application level...

I think I found some information about this some months ago but I can't seem to find it anymore. On my xenForo forum, in the who is online list, I...

Is there a limit to how many IPs can be blocked with CSF firewall? Do the old IPs get nuked to make room for new IPs added in the future?

Thought I'd post a reminder for some of Centmin Mod 123.09beta01's newer security related developments I have been working on. Some of which is...

Updated Centmin Mod 123.09beta01+ and higher branches with extended CSF Firewall tweaks outlined below More dynamic formula for non-openvz system...

revise inc/csftweaks.inc - More dynamic formula for non-openvz system based DENY_IP_LIMIT & DENY_TEMP_IP_LIMIT settings based on system resources...

For a while now I have been working on a fail2ban configuration specifically made for Centmin Mod LEMP stack environments which uses CSF Firewall...

Vultr has their own optional firewall feature you can enable Vultr Firewall. However, this doesn't have any rule sets for Centmin Mod LEMP stack...

According to OVH documentation, they have monitoring systems which need whitelisting their ICMP ping requests. Centmin Mod CSF Firewall can do...

CentOS Version: CentOS 7 64bit ? Centmin Mod Version Installed: 123.09beta01 Nginx Version Installed: 1.11.10 PHP Version Installed:7.0.15 MariaDB...

update tools/csfcf.sh & csf install in 123.09beta01 csf install will now trigger tools/csfcf.sh auto run once to update the...

So i've tried twice now to install centminmod, both times work fine up until the point where I start to upload files to it. I have a lot of...

update csf install & setup routine to account for non-default SSHD ports in 123.09beta01 CSF Firewall initial install, configuration setup and...

update tools/csfcf.sh cloudflare ip insert into csf.ignore Continue reading... 123.09beta01 branch Branch:...

Did not know the CSF UI created such an intense load - Screenshot by Lightshot - anyone else use the UI?

update tools/csfcf.sh curl timeouts and ipv4 & ipv6 checks Continue reading... 123.09beta01 branch Branch:...

Hi I had brutal force to my site, but why i add this IP to csf deny, iptable this IP .. still connect and brutal force ? I added IP and restart...

update inc/csftweaks.inc disable USE_CONNTRACK if enabled Continue reading... 123.09beta01 branch Branch:...

update inc/csftweaks.inc whitelist & ignore initial IP Whitelist and ignore user's initial installation IP as one prevention method of being...

Or enable CSF DOS protection. Is there a specific setting for it?

chmod +x tools/csfcf.sh Continue reading... 123.09beta01 branch Branch: https://github.com/centminmod/centminmod/tree/123.09beta01 Commit...

For 123.09beta01 looking to add a script to automate the setup for Cloudflare IPv4 and IPv6 and Nginx and CSF Firewall configurations outlined at:...

I just ran into an issue with CSF. I was doing some networking research over the past few days and learned that `iproute2` (called `ip` in CentOS...

Centmin Mod LEMP stack was developed originally for my own needs and usage requirements for the web applications and software I use and run, so...

The default CSF configuration leaves quite a few ports open.. Assuming the server functions as a web server only (no email services) couldnt we...

I was wondering, how secure is CMM out of the box ? What are the first few steps/things one should do after installing CMM to properly secure the...

update inc/csftweaks.inc less verbose Continue reading... 123.09beta01 branch Branch:...

update inc/csfinstall.inc reduce number of initial whitelisted ports out of the box Continue reading... Centmin Mod Github Current Stable...

update inc/csfinstall.inc reduce number of initial whitelisted ports out of the box Continue reading... 123.09beta01 branch Branch:...

update inc/csfinstall.inc reduce number of initial whitelisted ports out of the box Continue reading... Centmin Mod Github Master branch...

Just installed and I am locked out. I haven't changed the ssh port. I am in an OpenVZ (AWS) and I read about the IPSET limitation on OpenVZ,...

less verbose inc/csftweaks.inc Continue reading... Centmin Mod Github Current Stable branch Branch: centminmod/centminmod at 123.08stable ·...

remove ports 111 & 2049 from CSF Firewall whitelist by default remove RPC/portmapper and NFS ports 111 and 2049 from CSF Firewall whitelist by...

less verbose inc/csftweaks.inc Continue reading... Centmin Mod Github Master branch Master branch is where most recent commits are made as at...

remove ports 111 & 2049 from CSF Firewall whitelist by default remove RPC/portmapper and NFS ports 111 and 2049 from CSF Firewall whitelist by...

less verbose inc/csftweaks.inc Continue reading... 123.09beta01 branch Branch: https://github.com/centminmod/centminmod/tree/123.09beta01...

remove ports 111 & 2049 from CSF Firewall whitelist by default remove RPC/portmapper and NFS ports 111 and 2049 from CSF Firewall whitelist by...

Hi @eva2000 . How to open an PORT in filewall?

Hi guys 'n' gals, I have been trying to install Jenkins on the same server I have installed centmin and it seems CSF is blocking it from updating...

So I got a backupsy server to backup my data. When i setup a password-less ssh login from the backupsy server to the main server using this...

On CentOS 6.6 Sever, still on Linode. CSF disabled via csf -x is fine. But using CentOS 7.1 now, disabling CSF via csf -x and reboot the server,...

ensure CSF firewall starts out with latest version Continue reading... Centmin Mod Github Master branch Master branch is where most recent...

ensure CSF firewall starts out with latest version Continue reading... 123.08beta03 branch Branch:...

update inc/csftweaks.inc modprobe -l doesn't exist on CentOS 7 seems the -l flag in modprobe on CentOS 7 no longer exists like on CentOS 6 so...

update inc/csftweaks.inc modprobe -l doesn't exist on CentOS 7 seems the -l flag in modprobe on CentOS 7 no longer exists like on CentOS 6 so...

update inc/csftweaks.inc more accurate ipset support detection Continue reading... Centmin Mod Github Master branch Master branch is where...

update inc/csftweaks.inc more accurate ipset support detection Continue reading... 123.08beta03 branch Branch:...

I added listen 6235; to server block, but it's not working. I can't access it.

fix csf, memcached & siege installations due to download times profiling causing variable evalulations to be skipped for whether these 3 apps were...

fix csf, memcached & siege installations due to download times profiling causing variable evalulations to be skipped for whether these 3 apps were...

update common imap, pop3, smtp port white list for TCP_OUT/TCP6_OUT for CSF Firewall Continue reading... 123.08centos7beta02 branch Branch:...

add port 465 to CSF Firewall TCP6_OUT Continue reading... 123.08centos7beta02 branch Branch:...

Hey Guys, I have a really ANNOYING issue. I somehow keep getting ipbanned from my server. I have white listed, ignored, my ip. I have checked the...

I'm preparing for my linode to be rebooted (Linode windows for critical patching). I know IP Tables will be erased once a server is rebooted, how...

it gets as high as 80% on TS3 I have whitelisted all of the related ports but it's still kicking off any thoughts on how to avoid this?

I'm getting tons of emails about failed login attempts to my VPS. Not a surprise, and I'm not too worried about it because I have login via...

enable by default CSF Firewall's dynamic dns support for .08 beta Continue reading...

Staff would suggest, good security tutorials to be applied in the vps ? because I would love to feel safe . It could also list the main rules to...

ensure CSF has all perl YUM packages for CentOS 7 Continue reading...

ensure perl-Crypt-SSLeay & perl-Net-SSLeay are installed for CSF Firewall Continue reading...

Just reloaded a VPS and used the latest Centminmod Stable and I'm getting this email from Cron Subject: Cron <[email protected]> /usr/sbin/csf -u Body:...

configure CSF firewall PORTFLOOD for pure-ftpd in .08 beta Continue reading...

adjust CSF lfd threshold for blocking failed FTP load attempts for .08 beta Continue reading...

I host with Vultr and for no apparent reason, my server became inaccessible tonight. You can't browse it's websites, and I can rarely get in via...

Hi After adding a new nameserver i want to ask please what command should i add to always accept connections and never had a problem with the...

update csf.conf fix EMAIL variable insertion for .08 beta Continue reading...

For a pure Dedicated Server/Ovh. I have some VPS and Dedicated server also but with different value. Should be 1 or 0?

fix CSF firewall IPSET check for non-OpenVZ systems only Continue reading...

enable LF_IPSET for CSF Firewall for Centmin Mod .08 beta & higher Continue reading...

Hi I just change the default ssh port to 1012 on the main server and i try to connect from remote backup server to it using: /usr/bin/rsync -az...

update inc/csftweaks.inc Continue reading...

update /inc/csfinstall.inc Continue reading...

missing comma in inc/csfinstall.inc Continue reading...

update inc/csfinstall.inc whitelist traceroute ports Continue reading...

update inc/csfinstall.inc whitelist traceroute ports Continue reading...

Hello, I have an admin server which is the only machine allowed to ssh into my web servers. I would like to block all incoming connections to the...

Hi I am thinking to limit user connections on server per ip in case that someone run a siege benchmark on my server and maybe try to kill it (too...

fix typo in inc/downloadlinks.inc for CSF Firewall download url Continue reading...

Just found this blog: How to prevent DDOS attack by CSF firewall? | Raj Programming- All about programming and servers What are the possible...

update inc/downloadlinks.inc CSF Firewall download url changed Continue reading...

update inc/downloadlinks.inc CSF Firewall download url changed Continue reading...

Hi, i have installed CentOS 6.5 Minimal. When i installed Centmin Mod v1.2.3-eva2000.07 the script abort with follow error: Error: csf.tgz...

Hi Is it better to install the CSF firewall and then change ssh port or not? Just to avoid lock out .... Thanks

So, I would rather block certain countries at the server level rather than at the software level (with an XenForo add-on). I am starting to look...

update inc/csfinstall.inc Continue reading...

update inc/csfinstall.inc Continue reading...

update inc/csfinstall.inc Continue reading...

So many time login root user from china. How can I protect for root user?

Hi Eva, I've been using your centmin-mod v.1.2.3 for my VPS, so far is stable. But today i try to whitelist Cloudflare and there's some error....

The forum's server runs Centmin Mod Nginx LEMP web stack and part of that web stack is the auto install of CSF Firewall. Now I have configured...

update inc/csfinstall.inc for CentOS 7 Continue reading...

disable firewalld by default opt for CSF firewall on CentOS 7 Continue reading...

hallo i tried to limit the connections per IP i show that there is the way with domain.com.conf with the limit_conn limit_per_ip 16; and there is...

hallo i would like some help on what needs to be done in order to enable the connection limit to 16 per IP the comment must be removed from the...

update inc/csfinstall.inc for firewalld Continue reading...