[PLUGIN] ConfigServer Security & Firewall

CSF Directadmin Issue Permission denied [User:admin UID:501]- Solved

This is a simple permission issue in directadmin. The CSF in directadmin is running a setuid program. So it simply need to enable the setuid permission for the root user in this program. You may need to look into the following file ,

# ls -al /usr/local/directadmin/plugins/csf/exec/csf
-rwxr-xr-x 1 root root 8112 Jun 23 10:37 /usr/local/directadmin/plugins/csf/exec/csf

Now you need to enable the “S” bit as follows,

# chmod 4755 /usr/local/directadmin/plugins/csf/exec/csf
# ll /usr/local/directadmin/plugins/csf/exec/csf
-rwsr-xr-x 1 root root 8112 Jun 23 10:37 /usr/local/directadmin/plugins/csf/exec/csf

Now login to the directadmin as admin user and check the CSF page. It must work.

http://syslint.com/syslint/csf-directadmin-issue-permission-denied-useradmin-uid501-solved/
 
hi

i installed this and it all works ok. but when i click the "view lfd statistics" button it shows where images should be but they are blank. anyone got any ideas?
 
Hello,
Brand new to CSF and really enjoy it's features. I am running Centos 5.9 with DirectAdmin and would like to know where I can enable and configure the Block IP features to operate in the Brute Force Monitor section. In advance I thank you for your response.
B -
 
I just posted a bug report to the ConfigServer forum:

http://forum.configserver.com/viewtopic.php?f=4&t=7164

The ConfigServer Firewall blocks all ports if your ethernet ports aren't named eth0 and eth1.

Or at least if they're named em1 and em2, as mine are on our new Dell hardware.

I've Googled. Can't find anything. Is it possible I'm the first person to come across this, or more likely I'm missing the term I should be Googling?

Has anyone come across this and developed a workarund? I've got a copy of KISS that I've made work, but I prefer o use the ConfigServer firewall.

Jeff
 
Thats pretty strange, i do use DELL Server and never had this kind of issue.

You should check csf.conf for this values:

ETH_DEVICE = ""
ETH6_DEVICE = ""
ETH_DEVICE_SKIP = ""

And be sure those are blank.

PS. OT: Do you use OpenManage Server from DELL on those servers? Did you integrate it with Nagios/Munin?

Regards
 
Thanks for your reply. My recollection is that they were blank. I'm going to try again, using some GRUB change I found which should resolve the problem not only for the firewall but for everything network related. If that doesn't work I'll try adding 'em1' in the ETH_DDEVICE setting.

PS. OT: Do you use OpenManage Server from DELL on those servers? Did you integrate it with Nagios/Munin?
No; I've not done this. For more info on what I'm doing, feel free to email me.

Jeff
 
You should recompile PHP with Suhosin to add greater security to PHP

i already configure my php with ./build suphp

but still have error...
 
Last edited:
I am encountering the following error:

Code:
[root@vps1 ~]# perl /usr/local/csf/bin/csftest.pl
Testing ip_tables/iptable_filter...OK
Testing ipt_LOG...OK
Testing ipt_multiport/xt_multiport...FAILED [FATAL Error: FATAL: Could not load /lib/modules/2.6.32.60xls-domU/modules.dep: No such file or directory] - Required for csf to function
Testing ipt_REJECT...OK
Testing ipt_state/xt_state...OK
Testing ipt_limit/xt_limit...OK
Testing ipt_recent...OK
Testing xt_connlimit...OK
Testing ipt_owner/xt_owner...FAILED [Error: FATAL: Could not load /lib/modules/2.6.32.60xls-domU/modules.dep: No such file or directory] - Required for SMTP_BLOCK and UID/GID blocking features
Testing iptable_nat/ipt_REDIRECT...OK
Testing iptable_nat/ipt_DNAT...OK

RESULT: csf will not function on this server due to FATAL errors from missing modules [1]
[root@vps1 ~]#

Any suggestions?

edit: It seems to be related to my VPS being hosted by XEN, however I have not found a solution.
 
Last edited:
You should open a ticket with your hosting company. You hardly can load kernel modules from inside your VPS.
 
You should open a ticket with your hosting company. You hardly can load kernel modules from inside your VPS.
Alright I switched to the "custom Kernel" and now all values show OK. Now I will have to figure out how to maintain/update that kernel.
 
this is good to know about using a custom kernel, if you find out more info please post it :)

Alright I switched to the "custom Kernel" and now all values show OK. Now I will have to figure out how to maintain/update that kernel.
 
Apprently I am already running CentOS 6.5 final with the latest kernel.

cat /proc/sys/kernel/osrelease
2.6.32-431.11.2.el6.x86_64

So I guess for now I do not know :).

edit: It was basically just a "yum update" that is needed on CentOS.
 
Last edited:
My guess is that VPS can use either kernel maintained by a VPS provider, and in this case you are as a customer can not load additional modules there; or a kernel located in VPS itself (so called custom). With the latest variant you are free to do with the kernel whatever you want.
 
I asked the host about this and you assumption is correct. The default kernel is maintained and updated by the host. The latter is VPS specific.
 
Hi,

This is a great plugin.
I have installed and it seems to work but changes I made in firewall settings are not applied.
Do I have to confirm those settings to be applied ?
Thanks a lot

Just forget my post there is a Change button to press....
 
Last edited:
Back
Top