Learn about Centmin Mod LEMP Stack today
Register Now

Firewall ban problem

Discussion in 'Install & Upgrades or Pre-Install Questions' started by adamus007p, Mar 19, 2020.

Tags:
  1. adamus007p

    adamus007p Member

    194
    12
    18
    Feb 8, 2019
    Ratings:
    +22
    Local Time:
    11:57 AM
    Hello, I have Firewall

    I use

    Code (Text):
    # setup extended CSF Firewall blocklists https://community.centminmod.com/posts/50060/
    /usr/local/src/centminmod/tools/csf-advancetweaks.sh
    
    # enable CSF Firewall native fail2ban like support
    # https://community.centminmod.com/posts/62343/
    csf --profile backup backup-b4-customregex
    cp -a /usr/local/csf/bin/regex.custom.pm /usr/local/csf/bin/regex.custom.pm.bak
    egrep 'CUSTOM1_LOG|CUSTOM2_LOG|CUSTOM3_LOG|CUSTOM4_LOG' /etc/csf/csf.conf
    sed -i "s|CUSTOM1_LOG = .*|CUSTOM1_LOG = \"/home/nginx/domains/\*/log/access.log\"|" /etc/csf/csf.conf
    sed -i "s|CUSTOM2_LOG = .*|CUSTOM2_LOG = \"/home/nginx/domains/\*/log/error.log\"|" /etc/csf/csf.conf
    sed -i "s|CUSTOM3_LOG = .*|CUSTOM3_LOG = \"/var/log/nginx/localhost.access.log\"|" /etc/csf/csf.conf
    sed -i "s|CUSTOM4_LOG = .*|CUSTOM4_LOG = \"/var/log/nginx/localhost.error.log\"|" /etc/csf/csf.conf
    egrep 'CUSTOM1_LOG|CUSTOM2_LOG|CUSTOM3_LOG|CUSTOM4_LOG' /etc/csf/csf.conf
    wget -O /usr/local/csf/bin/regex.custom.pm https://gist.github.com/centminmod/f5551b92b8aba768c3b4db84c57e756d/raw/regex.custom.pm
    csf -ra
    
    


    from Install - Discussion: how do you initially install & setup your Centmin Mod server?



    I have ecommerce and I noticed that Firewall ban me too aggressive.
    I refresh website few time and it ban me.

    Last time even ban my IP when I was connecting via SCP and ssh.

    How to config firewall?
    Any recommendations for ecommerce?

    I am wondering how many customers were ban.
     
  2. eva2000

    eva2000 Administrator Staff Member

    43,579
    9,885
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,265
    Local Time:
    7:57 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    I'd remove and undo that by restoring CSF Firewall backup profile as outlined at
    Security - CSF Firewall native fail2ban functionality