[PLUGIN] ConfigServer Security & Firewall

I'm having some problems with FTP...

When a user uploads 2 files together it is not a problem if there are just 2, but if there are like 100 small files, csf bans the user because it makes too many connections.

So I would ask what I have to change and how: the csf settings or the FTP timeout settings.

thanks

Regards
 
I would tell your users to limit the number of connections in their FTP program. I recommend WinSCP and it works well.
 
Well, 2 files at a time are not so many, but when the files are small, like 2kb, you get so many consecutive connections, and it seems that the connection is appended on the last upload. Is that a possible cause?

Is there a value in the configuration I should change?

1 file of 2kb each time would probably give the same result and ban the user.
 
There is a limit in the csf config on the number of connections.. if you want to allow more then raise that number up.

CT_LIMIT = 100
 
0 will turn the feature off... this will work for sure, but you might try 300 and see if that does as well.
 
Figured it out. It was because /usr/bin/perl wasn't given the correct permissions.

Thank you Richard.
My problem has been solved with your help.
I checked my perl permissions and set the correct permissions.
Thanks
 
I'm about to try CSF. I've just read through 9 pages of posts, but I'd like a short answer to this question:

If I turn off kiss and turn on CSF will it just work, or do I need to test a lot of things first (I know which port numbers I need to allow)? I ask because I'm moving a lot of clients to a new server and I'd like a heads up as to what I might run into.

Thanks.

Jeff
 
Hi Jeff, we just made a similar change recently from Kiss to CSF and only had some issues with a few forgotten ports to open (like NTP). For the first few days after installation I recommend reading the logs carefully to be sure all is set up as expected. Oh, we changed some permanent ban settings into temporary bans in the first week, but that was just to be sure we did not ban a beloved customer.

To be short: give it a try and let us know your experiences!
 
Jeff,

When you install CSF, it installs a safety switch. When adding ports and restarting CSF it holds the settings for 5 minutes. After that it automatically disables CSF again so you can log in if you made a mistake.

When you are sure the settings are correct, then disable the safety switch.

Greetings
 
@Remco00:

Thanks for the note of your experiences. I have a list of all the ports I need open, along with my notes on KISS.

@Acc:

Thanks for that info... as I recall that used to be in APF as well. Hopefully I can also tell CSF that eth1 is trusted, because we use it only for our internal network; that means I'll always have a remote backdoor and can keep my datacenter trips to a minimum :).

Jeff
 
I could, but I'd rather limit it to eth1 and leave eth0 locked down.

No reason to open it on eth0, since traffic on our internal network is routed through eth1.

I'll look into it.

Thanks.

Jeff
 
Is there a possibility to add the block system script (ban IP script?) of CSF to the new "Brute Force log scanner" feature of DA, to make a "Block IP" button in the new admin page "Brute Force IP Info Page" (Brute Force Monitor)? For example, now when I go to this page (with a big list of brute-forcer IPs) I see at the bottom:
No custom/block_ip.sh found. You can create this optional script if you'd like to be able to block an IP from the control panel.
See: http://www.directadmin.com/features.php?id=1229

Sorry for my noob question but I'm not an expert coder!!!:p
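
An added example (not part of the original post, and not DirectAdmin's or CSF's own script): one way the custom/block_ip.sh mentioned above could hand an address to CSF with `csf -d`, validating it first because csf runs as root. It assumes DirectAdmin passes the address in an environment variable named `ip` and that csf is installed at /usr/sbin/csf; `valid_ipv4`, `block_ip` and `CSF_BIN` are names made up for this example.

```shell
#!/bin/sh
# Hypothetical custom/block_ip.sh: pass an IP from the control panel to CSF.
# Assumption: DirectAdmin supplies the address in the environment variable "ip".
# Assumption: csf lives at /usr/sbin/csf (override CSF_BIN for a dry run).
CSF_BIN="${CSF_BIN:-/usr/sbin/csf}"

# Return 0 only for a dotted-quad IPv4 address, optionally with a /8../32 prefix.
valid_ipv4() {
    addr=${1%%/*}
    case "$1" in
        */*) prefix=${1#*/} ;;
        *)   prefix=32 ;;
    esac
    case "$prefix" in
        ''|*[!0-9]*|???*) return 1 ;;      # digits only, at most two of them
    esac
    [ "$prefix" -ge 8 ] && [ "$prefix" -le 32 ] || return 1
    case "$addr" in
        *[!0-9.]*|.*|*.|*..*) return 1 ;;  # rejects spaces, ';', '$', empty octets
    esac
    old_ifs=$IFS; IFS=.
    set -- $addr                            # safe: addr holds only digits and dots
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Add the address to csf.deny; a non-zero exit status reports failure to the caller.
block_ip() {
    if ! valid_ipv4 "$1"; then
        echo "Refusing to block invalid address: $1" >&2
        return 1
    fi
    "$CSF_BIN" -d "$1" "Blocked from DirectAdmin Brute Force Monitor"
}

# Act only when the (assumed) "ip" variable is present.
if [ -n "${ip:-}" ]; then
    block_ip "$ip"
fi
```

For a dry run, point `CSF_BIN` at a stub that echoes its arguments before using the real binary.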
 
Anton, as far as I know it is trustworthy, but I never used that plugin.

Regarding the new Brute Force feature, I'm interested as well in an implementation directly in CSF.

Regards
 
OK, it works great and thank you. I have a question. If I have multiple IPs, could I enter them with just a space in between? Also, if I wished to ban a range or a whole server range, how would that be entered? Like 66.51.122.### to 66.51.122.### or whatever?

Thanks for your help
 
Click on the 'Firewall Deny IPs' button, you can maintain banlists there. You can also read there how you can ban ranges; with CIDR notations.

# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24)
 
Having a problem now. When I disable the firewall, I can't enable it again from within DA because I get this message:
Due to restrictions in DirectAdmin you must login to the root shell to enable csf using:

csf -e

...Done.
Is there a way to fix restrictions so I don't need to login to the root shell to enable it again?
 