Page 7 of 7 FirstFirst ... 567
Results 121 to 134 of 134

Thread: HOWTO: CSF Firewall + LFD Login Failure Daemon

  1. #121
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    11,878
    I did it and I keep doing it, but some days later... or a week, it appears there again...

    Actually I did chattr -i /usr/local/directadmin/data/admin/services.status, but I believe it's not a way-out. So I guess if you did not face yet, I need to go into details of cron jobs of CSF/LFD

  2. #122
    Join Date
    Oct 2004
    Location
    London, UK
    Posts
    6,700
    I see,

    have you tryed to disable it from csf.conf?

    Code:
    # Enable login failure detection daemon (lfd). If set to 0 none of the
    # following settings will have any effect as the daemon won't start.
    LF_DAEMON = "1"
    Maybe this will prevent the add of lfd as services, or, will just be set to OFF.

    Is just a suggestion, never tryed.

    Regards
    SeLLeRoNe - Andrea Iannucci
    Head of Managed Service - Senior DevOps Engineer
    If you need my support write me an E-Mail to Support@CrazyNetwork.it

  3. #123
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    11,878
    Yes, I've got

    Code:
    [root@server ~]# grep LF_DAEMON /etc/csf/csf.conf
    LF_DAEMON = "0"

  4. #124
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    11,878
    OK, I guess it gets enabled again with cron

    Code:
    [root@server cron.d]# cat /etc/cron.d/csf_update
    SHELL=/bin/sh
    25 1 * * * root /etc/csf/csf.pl -u
    I'm gonna read /etc/csf/csf.pl

  5. #125
    Join Date
    Nov 2012
    Posts
    43
    i had problem with csf.
    After start it almost everything work.
    I just create fresh install, don't change anything in configuration excerpt "testing" to 0.
    I had problem with mail. After start csf + lfd (with csf -e or from directadmin) the mail don't work. I mean it's not send any mails and mail() function don't work too.

    @edit
    Resolve.
    Need to add ports in TCP_OUT. 587 and 143.

    @edit.
    No it's not help. In mainlog in exim i had "connection timed out" after i start csf from fresh installation.
    Last edited by traskowski; 01-07-2013 at 04:01 AM.

  6. #126
    Join Date
    Apr 2005
    Location
    Shared & Dedicated Hosting
    Posts
    189
    If any one is looking for a hardware firewall like Fortigate I can offer you all a great discounted price on new devices , PM ME.
    Thank you for all your help - Much appreciated.

  7. #127
    Join Date
    May 2014
    Posts
    40
    Hi,

    Can I still use this tutorial ?? is it not too old ? also link for config file doesn't work http://oakdns.net/downloads/csf.conf

  8. #128
    nobaloney's Avatar
    nobaloney is offline NoBaloney Internet Svcs - In Memoriam Ü
    Join Date
    Jun 2003
    Location
    California
    Posts
    26,122
    I've made my own copy of the first post, with a few minor chanes, to fit my own environment, and it works for me, so I sugges trying it to see.

    Or visit the official CSF page (configserver.com) and follow instructions there.

    Links do occasionally go dead. User littleoak hasn't posted on the forums since 2009, so it's possible he's no longer in business, or no longer using DirectAdmin.

    My master file has been changed too much over the years to risk giving it out to anyone, but hopefully someone will respond to the thread here and let us know a current link for a good working file, and I can edit the original post to include it.

    Jeff
    +1 951 643-5345
    Third-Party DirectAdmin administration and support
    Dedicated Servers, Dedicated Reseller Accounts
    NoBaloney Internet Services div. Qnito Incorporated
    848 North Rainbow Blvd., Suite #3789
    Las Vegas, NV 89107-1103

  9. #129
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,263
    Best thing is to use an original csf.conf from configserver.com because on updates sometimes new options are added to the config.

    I took a default file and just adjusted some minor things, like change the amount of times a user can try to login with a faulty password on email etc. and changed banning times etc.

    It works already good by default, just check the ports you want to be opened. On a CSF DA install (install-directadmin.sh) ports for Exim, DA etc. are already opened by default. It does not take that much time to wander over the file and make some adjustments you like.
    Greetings, Richard.

  10. #130
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    11,878
    I'm agree with Richard, the defaults are enough good for most cases. Just remember to disable test mode in CSF settings after you finish with it.

  11. #131
    Join Date
    Mar 2004
    Posts
    167
    Has anyone succeeded in getting lfd to clamp down on IPs that make repeated attempts on wp-login.php and other such admin addresses on websites? The bot nets have been out in force lately...

    If so, how did you set it up?
    David M. Shirley CDTT (Certified Duct Tape Technician)

    Rock Solid Linux Web Hosting
    http://www.webquarry.com

  12. #132
    Join Date
    Apr 2005
    Location
    GMT +7.00
    Posts
    11,878
    David,

    Directadmin is good at a detection of bruteforce on wp-login.php. As soon as you are here you already uses Directadmin + CSF/LFD so let Directadmin to find offending IPs and they will be blocked.

  13. #133
    Join Date
    May 2014
    Location
    Netherlands Germany
    Posts
    332
    Quote Originally Posted by Richard G View Post
    Best thing is to use an original csf.conf from configserver.com because on updates sometimes new options are added to the config.

    I took a default file and just adjusted some minor things, like change the amount of times a user can try to login with a faulty password on email etc. and changed banning times etc.

    It works already good by default, just check the ports you want to be opened. On a CSF DA install (install-directadmin.sh) ports for Exim, DA etc. are already opened by default. It does not take that much time to wander over the file and make some adjustments you like.
    YUP but the warning of check PORTs against that default is very important! for all if you have changed some default ports yourself, your server could be unreachable then...

    If you have you own with / black and ignore whatever list changes also have a look before replacing with the default
    DUTCH GERMAN, GERMAN DUTCH

  14. #134
    Join Date
    Jul 2008
    Location
    Maastricht
    Posts
    3,263
    If you have you own with / black and ignore whatever list changes also have a look before replacing with the default
    This applies to *any* configuration file of anything when replacing the config (or important file) by a default config. You should always check and compare. That speeks for itself.
    Greetings, Richard.

Page 7 of 7 FirstFirst ... 567

Similar Threads

  1. Replies: 46
    Last Post: 11-21-2014, 03:31 PM
  2. Replies: 23
    Last Post: 11-06-2014, 01:51 PM
  3. Imap simultaneous login failure
    By Edwin in forum E-Mail
    Replies: 2
    Last Post: 09-12-2008, 05:02 AM
  4. Howto "login as reseller"
    By techguy in forum Admin-Level Difficulties
    Replies: 2
    Last Post: 12-29-2004, 05:07 PM
  5. error messgage/login failure
    By elizabeth in forum Installation / System Requirements
    Replies: 1
    Last Post: 12-09-2004, 06:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •