Want more timely Centmin Mod News Updates?
Become a Member

CSF CSF Firewall info

Discussion in 'Other Centmin Mod Installed software' started by eva2000, May 25, 2014.

  1. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    8:52 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    For folks wondering what /etc/csf/csf.conf settings are, you can also check out the web server demo at ConfigServer Security & Firewall for easier reading :)

     
  2. Sunka

    Sunka Well-Known Member

    1,150
    325
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +525
    Local Time:
    12:52 PM
    Nginx 1.17.9
    MariaDB 10.3.22
    Yesterday, I reinstall my windows, and after setup I tried to connect to my host through ssh from my PC. Because of wrong password csf firewall blocked my IP, and only way to connect is with terminal directly through Digital Ocean.
    I google for solution and this is what I found. I solved my problem, and if anybody come to exact problem, here is solution.

    P.S. Many of this commands is allready posted in this thread, but it is not pity to post it again all in one post.

    enable CSF
    Code:
    csf -e
    restart the CSF
    Code:
    csf -r
    disable CSF
    Code:
    csf -x
    For remove blocked ip:
    Code:
    csf -dr YOURIPADDRESS
    For whitelist ip:
    Code:
    csf -a YOURIPADDRESS
    list temporary blocked IP
    Code:
    /usr/sbin/csf -t
    flush all temporary blocked IP
    Code:
    /usr/sbin/csf -tf
    Just flush the tables. If you have installed csf then use
    Code:
    csf -f
    If you are running with iptables then use
    Code:
    iptables --flush
    For more command line options try
    Code:
    csf --help
     
  3. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    8:52 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  4. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    8:52 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  5. Ahmad

    Ahmad Active Member

    209
    80
    28
    Apr 13, 2015
    Ratings:
    +150
    Local Time:
    12:52 PM
    1.9.9
    10.1.10
    I do this on every server I own and it saved me already a few times (I have a dynamic IP.so this is really handy) ;)
     
  6. ModeltogTossen

    ModeltogTossen I wish I could??

    313
    97
    28
    Dec 20, 2015
    Denmark
    Ratings:
    +143
    Local Time:
    12:52 PM
    1.9.12
    10.0.23
    I also have dynamic ip - have vpn access to work - and that public IP is whitelisted on everything I do - so if something happens - from home, remote desktop to a management server with putty on work and then ssh from that into the 'faulty' server and alter it.
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    8:52 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    (y)
    (y)

    both good ideas :)
     
  8. Sunka

    Sunka Well-Known Member

    1,150
    325
    83
    Oct 31, 2015
    Pula, Croatia
    Ratings:
    +525
    Local Time:
    12:52 PM
    Nginx 1.17.9
    MariaDB 10.3.22
    When we ban some Ip, or put into whitelist, is that valid at that moment, or we have to restart first csf?
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,110
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,645
    Local Time:
    8:52 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    valid immediately without restart
     
  10. MaximilianKohler

    MaximilianKohler Member

    178
    5
    18
    Jun 23, 2023
    Ratings:
    +23
    Local Time:
    3:52 AM