ConfigServer shutting down as of 31st of August 2025

[ccto]

Domain is unreachable

F.Y.I. - I can access the website - https://configserver.com/

 

[Richard G]

Yep, maybe it was a short interruption, I also have no problems reaching the site.

 

[ccto]

Does DirectAdmin have any (tentative) planning for CSF?

 

[Richard G]

Not yet. I think they are also (just like the competition) looking as to what is going to happen, if indeed it will be given free via GPL3 and Github and probably decide then how to go on further.

 

[Erulezz]

Version 1.682 | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

There are at least some changes in the upcoming version

 

[ccto]

F.Y.I. -

With DA 1.682 alpha version, we need to run "da build csf" to update/patch it (and make AUTO_UPDATES from 1 to 0)

(not simply update DA)

Version 1.682 | Directadmin Docs

DirectAdmin Knowledge Base

docs.directadmin.com

There are at least some changes in the upcoming version

 

[Ohm J]

Please carefully, CSF enable automatics update by default, I'm just found out recently on new box installed.


Maybe someone on the vacation trip don't know this yet .

 

[nlaruelle]

Does DirectAdmin have any (tentative) planning for CSF?

On its side, cPanel just sent a newsletter announcing that they would like, if possible, to ensure a smooth transition (see attachment).
As CSF is a "must" for DirectAdmin, I am confident DA will take a similar approach.

In addition, I think CloudLinux could be a good provider to keep CSF & LFD updated (maybe for free, like AlmaLinux), but I haven’t seen any communication from them about it so far.

By the way, I’m not personally too worried if ConfigServer shares its product with an open source license (or not), someone will surely do something about it. The cake is too big, and users like us are too attached to CSF.

Did you hear that pretty recently (March 2024), "Redis" was not distributed as open source anymore… still no trouble about this.

 

[DrWizzle]

I emailed waytotheweb a few weeks ago, and totally forgot about their reply. I was asking what they were doing with the domain, as CSF "phones home" to get updates. (as @zEitEr mentioned as a potential security risk very early on in this thread). Mentioned I am part of the DA community here (not cPanel as in the email reply). They are holding on to that for time being which is a little peace of mind. I also asked if they were releasing their other software under the GPLv3 as well, as that would help loads of users.

 

[vertahost]

Not to bring up a sort of offtopic but related thing on this thread, but throwing this out there, our team just released a plugin for directadmin to control firewalld, along with a bash wrapper that manages various aspects of firewalld, fwctl.sh.

The code can be found on our public github for review by anyone interested: https://github.com/vertahost/directadmin-firewalld-plugin

Now its not super feature-filled, like CSF/LFD but its a firewall manager, and it manages a basic firewall setup. The instructions im sure can be better, but if you are technically minded, should be somewhat easy to get setup. Ide recommend a fresh install of DA for testing before making things live.

We would also love to know what people think of it, or if any issues are found.

 

[mikepage]

Hi,

I did uninstall CSF on a new server and activated Imunify360 firewall functionality. I have documented some findings here

directadmin-csf-uninstall.md

GitHub Gist: instantly share code, notes, and snippets.

gist.github.com

Imunify360 Firewall "Default Blocking Mode" is "All open, except specified". This makes the server vulnerable to attacks, so I had to also activate the VPS provider firewall with all DirectAdmin related ports listed as open (see: https://docs.directadmin.com/operation-system-level/securing/firewall.html)

I have added Imunify360 Firewall port TCP 22 to manage whitelisted SSH IP's from DirectAdmin. Not sure why Imunify360 blocking mode "All close, except specified" is still experimental, would be better for security, also more tricky when SSH/DA is not properly whitelisted.

Kind regards,

Mike

 

[mikepage]

(please ignore my previous post)

The Imunify360 docs for Exim/Dovecot brute-force protection currently suggest that this module is supported only for cPanel.

However, when testing on DirectAdmin, I noticed in the logs that Imunify360 does pick up RBL events for Dovecot, which initially made it seem like it was supported. For example, you can enable the module with:

imunify360-agent config update '{"PAM": {"enable": true, "exim_dovecot_native": true, "exim_dovecot_protection": true}}'

After checking with CloudLinux support, they clarified the situation:

“I can see that PAM detected an RBL event here, though Imunify360 still hasn't officially supported Dovecot on DirectAdmin. This means that while some functions like RBL lookups may appear to work, the integration itself is not yet fully supported. You may still notice the following from Imunify360 error logs:

`WARNING [2025-08-27 09:35:10,874] im360.subsys.pam: imunify360-pam warnings: ['Dovecot is not supported for Directadmin.']”

So while certain parts of the functionality may work, full support for Dovecot on DirectAdmin is not yet available, despite what the logs might suggest.

 

[Richard G]

Way to the web put the scripts on their github an hour ago.

GitHub - waytotheweb/scripts: Scripts for Way to the Web Limited Products

Scripts for Way to the Web Limited Products. Contribute to waytotheweb/scripts development by creating an account on GitHub.

github.com

 

[eva2000]

Yup free scripts were released under open source licensing ~2hrs ago https://github.com/waytotheweb/scripts. I compared the CSF Firewall GPLv3 open source code (v15.00) to the last configserver.com released code (v14.24) and wrote a summary at https://github.com/centminmod/configserver-scripts/blob/main/README-gpl-csf.md.

 

[DrWizzle]

Yup free scripts were released under open source licensing ~2hrs ago https://github.com/waytotheweb/scripts. I compared the CSF Firewall GPLv3 open source code (v15.00) to the last configserver.com released code (v14.24) and wrote a summary at https://github.com/centminmod/configserver-scripts/blob/main/README-gpl-csf.md.

Just read your changelog and it's pretty comprehensive, thank you. Would just like to know, before I test this, is it safe to update all my copies of CSF on production servers without (much) anything breaking? Did you test this to get the comparisons?

Thanks!
Alan

 

[eva2000]

Just read your changelog and it's pretty comprehensive, thank you. Would just like to know, before I test this, is it safe to update all my copies of CSF on production servers without (much) anything breaking? Did you test this to get the comparisons?

Thanks!
Alan

Should be fine. Just so you know, updating to CSF Firewall v15.00 GPLv3 release will disable the auto-updating routine, so you will need to manually check for any future updates yourself and update all copies on all your servers when any future open source updates are made.

For my own use and that of my users, I have modified the CSF Firewall auto-update routines to utilise my own self-hosted CSF Firewall mirror URLs. This allows me to continue leveraging the CSF Firewall auto-update routine to populate future open-source/contributed GPLv3 release versions on any server that has my mirrored version. So I only have to update once to switch over on servers. I actually switched over for testing on my own servers ~4 weeks ago and no problems. And users started switching 4 days ago and ~100K requests in 4 days to the mirror so far. And CSF Firewall v15.00 GPLv3 code is no different, so don't expect any issues for now.

 

[DrWizzle]

Should be fine. Just so you know, updating to CSF Firewall v15.00 GPLv3 release will disable the auto-updating routine, so you will need to manually check for any future updates yourself and update all copies on all your servers when any future open source updates are made.

For my own use and that of my users, I have modified the CSF Firewall auto-update routines to utilise my own self-hosted CSF Firewall mirror URLs. This allows me to continue leveraging the CSF Firewall auto-update routine to populate future open-source/contributed GPLv3 release versions on any server that has my mirrored version. So I only have to update once to switch over on servers. I actually switched over for testing on my own servers ~4 weeks ago and no problems. And users started switching 4 days ago and ~100K requests in 4 days to the mirror so far. And CSF Firewall v15.00 GPLv3 code is no different, so don't expect any issues for now.

Thanks @eva2000 , that's brilliant.

Just out of curiosity, you mention your own mirrors. Have you just self hosted the files from GitHub and point your CSF installs to your mirror url in the downloadservers file? or is it a bit more complex than that? You mention they have turned off auto updating, so what files are affected and what would need replacing to get them all to auto search an url on one of my maintenance servers?

Cheers!
Alan

 

[eva2000]

Thanks @eva2000 , that's brilliant.

Just out of curiosity, you mention your own mirrors. Have you just self hosted the files from GitHub and point your CSF installs to your mirror url in the downloadservers file? or is it a bit more complex than that? You mention they have turned off auto updating, so what files are affected and what would need replacing to get them all to auto search an url on one of my maintenance servers?

Cheers!
Alan

For my mirror, I modified the code to point to my own self-hosted mirrors. Best way to figure out what changed is put v14.24 into Git private repo and commit changes. Then, put in the repo a separate branch for the committed version with v15.00. Then you can diff compare code and see where v15.00 GPLv3 version disabled the auto update routine

 

[exlhost]

Most likely DA team will add the new version 15 to directadmin asap.