Config Server & Firewall

Tazmanian79

Verified User
Joined
Jul 24, 2010
Messages
82
I use CSF on my new CentOS 7 VPS server.

I have ran the firewall check and I see following warnings:

1. Check MySQL LOAD DATA disallows LOCAL
my.cnf file contains the following:
!includedir /etc/my.cnf.d

in that directory I have several files. in the file etc/my.cnf.d/server.cnf I have following
[mysqld]
local-infile = 0



2. Check dovecot weak SSL/TLS Ciphers (ssl_cipher_list)
my /etc/dovecot/dovecot.conf contains the following:
!include conf/ssl.conf

in that file I have the following:
ssl_cert = </etc/exim.cert
ssl_key = </etc/exim.key

ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP



So I have these setting, Why do I still have these warnings?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,853
Location
GMT +7.00
Hello,

You can ignore the alerts, as CSF/LFD does not check those directories and checks only:

/etc/my.cnf, [FONT=&quot]/etc/dovecot.conf, etc.[/FONT]
 

Tazmanian79

Verified User
Joined
Jul 24, 2010
Messages
82
Ok thanks for information.

They should also check these directories, maybe they will in future release.
 

maxi32

Verified User
Joined
Jul 25, 2016
Messages
40
Location
Malaysia
Hello,

You can ignore the alerts, as CSF/LFD does not check those directories and checks only:

/etc/my.cnf, [FONT="]/etc/dovecot.conf, etc.[/FONT]
Is there a away to skip or disable the checking from CSF/LFD. I want the green color satisfaction.. :(
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,853
Location
GMT +7.00
Never had this task before, so I don't have an answer. Read the docs from CSF/LFD and/or ask developers about it.
 

maxi32

Verified User
Joined
Jul 25, 2016
Messages
40
Location
Malaysia
I use CSF on my new CentOS 7 VPS server.

I have ran the firewall check and I see following warnings:

1. Check MySQL LOAD DATA disallows LOCAL
my.cnf file contains the following:
!includedir /etc/my.cnf.d

in that directory I have several files. in the file etc/my.cnf.d/server.cnf I have following
[mysqld]
local-infile = 0



2. Check dovecot weak SSL/TLS Ciphers (ssl_cipher_list)
my /etc/dovecot/dovecot.conf contains the following:
!include conf/ssl.conf

in that file I have the following:
ssl_cert = </etc/exim.cert
ssl_key = </etc/exim.key

ssl_protocols = !SSLv2 !SSLv3
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP



So I have these setting, Why do I still have these warnings?
I think I forgot to mention that both of your path to the config file are wrong. The mysql path should be always in /etc/my.cnf see the documentation here: https://help.directadmin.com/item.php?id=329. See solution here: https://www.codegix.com/how-to-hide-warning-message-in-csf-with-directadmin/
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
4,218
Location
Maastricht
I think I forgot to mention that both of your path to the config file are wrong.
No it isn't, as you can read:
my.cnf file contains the following:
!includedir /etc/my.cnf.d

in that directory I have several files. in the file etc/my.cnf.d/server.cnf I have following
So his my.cnf is present in /etc like it should but does not contain the same entry's as it was before with Mysql.
The /etc/my.cnf with the content including the /etc/my.cnf.d/ directory is default installation from Directadmin with Centos 7 and MariaDB these days.

However, it's indeed true that if you want the CSF warnings to be gone, you have to put some entry's in there.

Next to mysql, there are also other things like dovecot which give that kind of notice from CSF, as zEitEr said, they can be safely ignored.
 
Top