ConfigServer Security & Firewall - csf - edit /etc/csf/csf.deny

qba82

Verified User
Joined
Jun 26, 2018
Messages
50
Hi guys,
recently I can't edit /etc/csf/csf.deny through DA csf plugin, few days ago it was all fine, after I click "Change" it was saving file, and saying I need restart csf+lfd. Now it drop me to the main page of csf plugin and doesn't save file, I must edit it in ssh. I checked permissions, owners, it is all fine, I can also edit /etc/csf/csf.allow.

I have more then 700 lines in /etc/csf/csf.deny.

What might cause a problem?
 

Awd

Verified User
Joined
Aug 9, 2015
Messages
316
Did you limit the number of IP's kept in the /etc/csf/csf.deny file?
 

Richard G

Verified User
Joined
Jul 6, 2008
Messages
5,021
Location
Maastricht
Where did you get that idea?
You can set a limit yourself in csf.conf and can even choose 0 for unlimited.
However that would not be wise as many rules would eat up your resources.

It's better to have less lines, for example 1500 and then don't block forever but a couple of days.

However, this issue has nothing to do with your limits.
I just tested to have a look and I have the same issue so it's reproducable. I can edit the files, but on clicking save, they don't save.
I didn't see that before because I never use this, I always edit via SSH.

I checked the DA error log and see this as the reason:
Code:
System::load_to_env: loading variable 'POST' is larger than MAX_ENV_LEN(125749) so will be skipped
 
Last edited:
Top