[PLUGIN] ConfigServer Security & Firewall

New problem with permissions:

I have installed configserver on a new 4.6 reinstalled server and get this error when i go to the configserver page in directadmin:
PHP: 
Permission denied [User:admin UID:501]

When i tried to run in shh: /usr/local/directadmin/plugins/csf/exec/csf
I get this error:
PHP: 
Permission denied [User:root UID:0]

/usr/local/directadmin/plugins/csf/exec/csf has the permission 4777, on other servers there is no problem..
 
I can't find the link to configserver in admin area.


All was installed correct.

Regards
 
Looks very nice, I will try this and disable KISS for a while, Im sure they wont play nice together
 
hello. when csf is enable my user cant connect to their host via ftp software like filezilla


Response: 257 "/" is the current directory
Command: TYPE I
Response: 200 Type set to I
Command: PASV
Response: 227 Entering Passive Mode (204,12,210,173,138,107).
Command: LIST
 
I talking about my problem, friend jejeje

You can send a support ticket to chirpy from configserver.com
 
Would this post give some help?
Code: 
http://forum.configserver.com/showthread.php?t=1828&highlight=Permission+denied


snaaps said:
New problem with permissions:

I have installed configserver on a new 4.6 reinstalled server and get this error when i go to the configserver page in directadmin:
PHP: 
Permission denied [User:admin UID:501]

When i tried to run in shh: /usr/local/directadmin/plugins/csf/exec/csf
I get this error:
PHP: 
Permission denied [User:root UID:0]

/usr/local/directadmin/plugins/csf/exec/csf has the permission 4777, on other servers there is no problem..
Click to expand...
 
Had to install a perl module, LWP perl module (libwww-perl), but install went fine after that, looks good, I see I have some things to do according to the server security check.:eek:
 
ConfigServer and lfd

anyone know a quick way to disable the Login Failure Daemon?
haven't got it to work since install and its filling logs with "The service 'lfd' on server my.server.net is currently down"
csf seems ok.
wondering if a re install would fix anything, never did create the lfd.log file that was supposed to be there, perhaps that's a clue to a install problem. :(
 
Hey,

Look for this section in the csf.conf file:

# Enable login failure detection daemon (lfd). If set to 0 none of the
# following settings will have any effect as the daemon won't start.
LF_DAEMON = "1"

David
 
set that to 0 a while ago but still the lfd messages keep coming with it failed and cant start
 
Solved

seems after much investigating, I was missing a perl module called Time::HiRes .
I re enabled the lfd and got tha lfd.log created and all seem working very nicely
already has taken care of a few of those non stop ssh attempts, plus caught someone trying to use portmap, and killed that
Very Happy thus far
Thanks Chirpy for your contribution! :D
 
Guys,

my crond log is full of lfd statements. Its a really big headache to and can't seem to find anything easily on it. here are the things that keep repeating all over again.

Code: 
Oct 11 23:55:01 vps crond[24108]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.start && /bin/rm /etc/csf/lfd.start && /etc/init.d/lfd start > /dev/null 2>&1)
Oct 11 23:56:01 vps crond[26267]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.enable && /bin/rm /etc/csf/lfd.enable && /usr/sbin/csf -e > /dev/null 2>&1)
Oct 11 23:56:01 vps crond[26272]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.start && /bin/rm /etc/csf/lfd.start && /etc/init.d/lfd start > /dev/null 2>&1)
Oct 11 23:56:01 vps crond[26276]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.restart && /bin/rm /etc/csf/lfd.restart && /etc/init.d/lfd restart > /dev/null 2>&1)
Oct 11 23:56:01 vps crond[26278]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 11 23:57:01 vps crond[27728]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.start && /bin/rm /etc/csf/lfd.start && /etc/init.d/lfd start > /dev/null 2>&1)
Oct 11 23:57:01 vps crond[27729]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.restart && /bin/rm /etc/csf/lfd.restart && /etc/init.d/lfd restart > /dev/null 2>&1)
Oct 11 23:57:01 vps crond[27733]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 11 23:57:01 vps crond[27734]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.enable && /bin/rm /etc/csf/lfd.enable && /usr/sbin/csf -e > /dev/null 2>&1)
Oct 11 23:58:01 vps crond[28488]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.enable && /bin/rm /etc/csf/lfd.enable && /usr/sbin/csf -e > /dev/null 2>&1)
Oct 11 23:58:01 vps crond[28491]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.start && /bin/rm /etc/csf/lfd.start && /etc/init.d/lfd start > /dev/null 2>&1)
Oct 11 23:58:01 vps crond[28492]: (root) CMD (/usr/bin/test -e /etc/csf/lfd.restart && /bin/rm /etc/csf/lfd.restart && /etc/init.d/lfd restart > /dev/null 2>&1)
Oct 11 23:58:01 vps crond[28497]: (root) CMD (/usr/local/directadmin/dataskq)

Is this normal or what?
 
my log looks much the same, pretty sure it just doing it's job searching the the logs for possible bad things to take care of :)
 
I have a problem, some of my customers run whois scripts and these do not work. The firewall is blocking them, why is the firewall blocking this kind of scripts and how can I prevent it from blocking these scripts? I mean, whois scripts are completely harmless. Not only these scripts, but almost every script that connects to another server is blocked by the firewall...
 
Hi, i wasnt able to install with DA plugin manager (cant find install.sh if dont remember bad) so ive installed without problem from ssh.

Ive just a quesiton, is possible to put an hostname in allowed ip?

Thanks
 
You must log in or register to reply here.
Back
Top