I have issues with clients connecting to my websites. I think i might have tracked it down to ipads with safari causing that they are not able to connect to my server;
Does anybody see anything strange in the config below which could cause a 'temporary' ban on IPs (within 5 minutes the site access is restored btw)?
I optionally would like to re-install CSF and Firewall to make sure it is on its' defaults; but i am not sure if i would need to use the script from Zeiter (https://help.poralix.com/articles/how-to-block-ips-with-csf-directadmin-bfm) or the 'install.directadmin.sh' script which is now part of the CSF package..
If i compare the install from 2018 with the current config this is the difference:
Any thoughts where i might look at?
Does anybody see anything strange in the config below which could cause a 'temporary' ban on IPs (within 5 minutes the site access is restored btw)?
I optionally would like to re-install CSF and Firewall to make sure it is on its' defaults; but i am not sure if i would need to use the script from Zeiter (https://help.poralix.com/articles/how-to-block-ips-with-csf-directadmin-bfm) or the 'install.directadmin.sh' script which is now part of the CSF package..
If i compare the install from 2018 with the current config this is the difference:
SETTING | 1542219055_pre_v12_08_upgrade | current |
DIRECTADMIN_LOG_R | /var/www/html/roundcube/logs/errors | /var/www/html/roundcube/logs/errors.log |
IGNORE_ALLOW | 0 | 1 |
IPV6 | 0 | 1 |
LF_DIRECTADMIN | 5 | 10 |
LF_DIRECTADMIN_PERM | 1 | 3600 |
LF_EMAIL_ALERT | 1 | 0 |
LF_FTPD | 10 | 20 |
LF_FTPD_PERM | 1 | 3600 |
LF_HTACCESS | 5 | 10 |
LF_HTACCESS_PERM | 1 | 3600 |
LF_IMAPD | 10 | 20 |
LF_IMAPD_PERM | 1 | 3600 |
LF_MODSEC | 5 | 25 |
LF_PERMBLOCK_ALERT | 1 | 0 |
LF_POP3D | 10 | 20 |
LF_POP3D_PERM | 1 | 3600 |
LF_SMTPAUTH | 5 | 20 |
LF_SMTPAUTH_PERM | 1 | 3600 |
LF_SSHD | 5 | 10 |
LF_SSHD_PERM | 1 | 86400 |
LT_EMAIL_ALERT | 1 | 0 |
RESTRICT_SYSLOG | 0 | 3 |
SYSLOG_CHECK | 0 | 300 |
TCP6_IN | 20,21,22,25,53,80,110,143,443,465,587,993,995,2222 | 20,21,22,25,53,80,110,143,443,465,587,993,995,2222,35000:35999 |
TCP6_OUT | 20,21,22,25,53,80,110,113,443,587,993,995,2222 | 20,21,22,25,53,80,110,113,443,587,993,995,2222,35000:65535 |
TCP_IN | 20,21,22,25,53,80,110,143,443,465,587,993,995,2222 | 20,21,22,25,53,80,110,143,443,465,587,993,995,3306,2222,35000:35999 |
TCP_OUT | 20,21,22,25,53,80,110,113,443,587,993,995,2222 | 20,21,22,25,53,80,110,113,443,587,993,995,3306,2222,35000:65535 |
TESTING | 1 | 0 |
UDP_IN | 20,21,53 | 20,21,53,33434:33523 |
WAITLOCK | 0 | 1 |
Any thoughts where i might look at?