Learn about Centmin Mod LEMP Stack today
Register Now

CSF Help needed to open the WHOIS 43 port.

Discussion in 'Other Centmin Mod Installed software' started by radbrad, May 4, 2020.

  1. radbrad

    radbrad New Member

    26
    3
    3
    Feb 15, 2020
    Ratings:
    +4
    Local Time:
    7:48 PM
    Please fill in any relevant information that applies to you:
    • CentOS Version: i.e. CentOS 6 32bit or 64bit / CentOS 7 64bit ?
    • Centmin Mod Version Installed: i.e. 123.08stable or 123.09beta01
    • Nginx Version Installed: i.e. 1.15.3
    • PHP Version Installed: i.e. 5.6.37, 7.0.31, 7.1.21, 7.2.9
    • MariaDB MySQL Version Installed: i.e. 10.0.x or 10.1.xx or 10.2.xx
    • When was last time updated Centmin Mod code base ? : i.e. run centmin.sh menu option 23 submenu option 2 or cmupdate command
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      cat /etc/centminmod/custom_config.inc
      

      Post output in CODE tags.
    Hi,

    I followed your CSF guide to open/whitelist the port 43 in csf.conf but I think it's not working. I am unable to use it.
     
  2. eva2000

    eva2000 Administrator Staff Member

    44,781
    10,212
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,828
    Local Time:
    12:18 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Did you add port 43 to comma separated list for TCP_OUT and TCP6_OUT settings and then restart CSF Firewall using
    Code (Text):
    csf -ra
     
  3. radbrad

    radbrad New Member

    26
    3
    3
    Feb 15, 2020
    Ratings:
    +4
    Local Time:
    7:48 PM
    Yes, I have done both the steps. Still no luck
     
  4. eva2000

    eva2000 Administrator Staff Member

    44,781
    10,212
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,828
    Local Time:
    12:18 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    output for command
    Code (Text):
    egrep '^TCP_|^TCP6_|^UDP_|^UDP6_' /etc/csf/csf.conf
    
     
  5. radbrad

    radbrad New Member

    26
    3
    3
    Feb 15, 2020
    Ratings:
    +4
    Local Time:
    7:48 PM
    Here is the output:

    Code:
    TCP_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,81,9418,30001:50011"
    TCP_OUT = "2525,465,43,1110,1194,9418,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP_IN = "67,68,1110,33434:33534,20,21,53"
    UDP_OUT = "67,68,1110,33434:33534,20,21,53,113,123"
    TCP6_IN = "20,21,22,25,53,80,110,143,161,443,465,587,993,995,1110,1186,1194,81,9418,30001:50011"
    TCP6_OUT = "2525,465,43,20,21,22,25,53,80,110,113,443,587,993,995"
    UDP6_IN = "20,21,53"
    UDP6_OUT = "20,21,53,113,123"
    
     
  6. eva2000

    eva2000 Administrator Staff Member

    44,781
    10,212
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,828
    Local Time:
    12:18 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    that should work what do you get from
    Code (Text):
    whois cloudflare.com
     
  7. radbrad

    radbrad New Member

    26
    3
    3
    Feb 15, 2020
    Ratings:
    +4
    Local Time:
    7:48 PM
    This code returns whois data of cloudflare.com but if you check my website uberchecker.com you will see the script says WHOis 43 is unavailable. According to the developer, the WHOIS data is checked using the following PHP query.

    Code:
    $pf = @fsockopen('whois.verisign-grs.com', 43 , $err, $err_string, 1);
    I dont understand why its not working..
     
    Last edited: May 6, 2020
  8. eva2000

    eva2000 Administrator Staff Member

    44,781
    10,212
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +15,828
    Local Time:
    12:18 AM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Oh you mean you are using PHP to run whois check ? does the php script use shell_exec ? as that is disabled by default

    By default PHP shell_exec() is disabled in /usr/local/etc/php-fpm.conf via entry
    Code (Text):
    php_admin_value[disable_functions] = shell_exec

    If you need shell_exec for your PHP scripts, just disable it by commenting out that line with a semi-column
    Code (Text):
    ;php_admin_value[disable_functions] = shell_exec

    you can use sed to replace via command
    Code (Text):
    sed -i "s|^php_admin_value\[disable_functions\] = shell_exec|;php_admin_value\[disable_functions\] = shell_exec|" /usr/local/etc/php-fpm.conf
    

    and then restart nginx and php-fpm
    Code (Text):
    nprestart
     
  9. radbrad

    radbrad New Member

    26
    3
    3
    Feb 15, 2020
    Ratings:
    +4
    Local Time:
    7:48 PM
    Thanks eva2000,

    Disabling shell_exec didn't work... I think the port 43 is not open in the master server...