Learn about Centmin Mod LEMP Stack today
Become a Member

CSF CSF Firewall info

Discussion in 'Other Centmin Mod Installed software' started by eva2000, May 25, 2014.

  1. eva2000

    eva2000 Administrator Staff Member

    37,261
    8,140
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,532
    Local Time:
    9:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    For folks wondering what /etc/csf/csf.conf settings are, you can also check out the web server demo at ConfigServer Security & Firewall for easier reading :)
     
  2. Sunka

    Sunka Well-Known Member

    1,045
    286
    83
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +464
    Local Time:
    12:28 AM
    Nginx 1.15.0
    MariaDB 10.2.15
    Yesterday, I reinstall my windows, and after setup I tried to connect to my host through ssh from my PC. Because of wrong password csf firewall blocked my IP, and only way to connect is with terminal directly through Digital Ocean.
    I google for solution and this is what I found. I solved my problem, and if anybody come to exact problem, here is solution.

    P.S. Many of this commands is allready posted in this thread, but it is not pity to post it again all in one post.

    enable CSF
    Code:
    csf -e
    restart the CSF
    Code:
    csf -r
    disable CSF
    Code:
    csf -x
    For remove blocked ip:
    Code:
    csf -dr YOURIPADDRESS
    For whitelist ip:
    Code:
    csf -a YOURIPADDRESS
    list temporary blocked IP
    Code:
    /usr/sbin/csf -t
    flush all temporary blocked IP
    Code:
    /usr/sbin/csf -tf
    Just flush the tables. If you have installed csf then use
    Code:
    csf -f
    If you are running with iptables then use
    Code:
    iptables --flush
    For more command line options try
    Code:
    csf --help
     
    • Informative Informative x 2
  3. eva2000

    eva2000 Administrator Staff Member

    37,261
    8,140
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,532
    Local Time:
    9:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    • Like Like x 1
  4. eva2000

    eva2000 Administrator Staff Member

    37,261
    8,140
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,532
    Local Time:
    9:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  5. Ahmad

    Ahmad Premium Member Premium Member

    209
    80
    28
    Apr 13, 2015
    Ratings:
    +150
    Local Time:
    12:28 AM
    1.9.9
    10.1.10
    I do this on every server I own and it saved me already a few times (I have a dynamic IP.so this is really handy) ;)
     
    • Agree Agree x 1
  6. ModeltogTossen

    ModeltogTossen I wish I could??

    313
    97
    28
    Dec 20, 2015
    Denmark
    Ratings:
    +143
    Local Time:
    12:28 AM
    1.9.12
    10.0.23
    I also have dynamic ip - have vpn access to work - and that public IP is whitelisted on everything I do - so if something happens - from home, remote desktop to a management server with putty on work and then ssh from that into the 'faulty' server and alter it.
     
    • Informative Informative x 1
  7. eva2000

    eva2000 Administrator Staff Member

    37,261
    8,140
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,532
    Local Time:
    9:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    (y)
    (y)

    both good ideas :)
     
  8. Sunka

    Sunka Well-Known Member

    1,045
    286
    83
    Oct 31, 2015
    Rijeka, Croatia
    Ratings:
    +464
    Local Time:
    12:28 AM
    Nginx 1.15.0
    MariaDB 10.2.15
    When we ban some Ip, or put into whitelist, is that valid at that moment, or we have to restart first csf?
     
  9. eva2000

    eva2000 Administrator Staff Member

    37,261
    8,140
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,532
    Local Time:
    9:28 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    valid immediately without restart
     
    • Like Like x 1
..