csf – Blog

How to fix CSF’s error Another app is currently holding the xtables lock

2055 admin

August 13, 2021 at 1:23 pm (last edited January 27, 2022 at 6:06 pm)

The error should be looking as below:

You have an unresolved error when starting csf:
Error: Error processing command for line [339] (6 times): [Another app is currently holding the xtables lock. Perhaps you want to use the -w option?], at line 339 in /usr/sbin/csf

You need to restart csf successfully to remove this warning, or delete /etc/csf/csf.error… Read the rest

Configure CSF on CentOS 7

1789 admin

September 23, 2019 at 5:46 am

Install needful packages if you haven’t yet

yum install wget vim perl-libwww-perl.noarch perl-Time-HiRes -y

Download and install CSF

cd /usr/src/
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Run test:

cd /usr/local/csf/bin/
perl csftest.pl

Disable default Centos 7 firewall if you have it installed

systemctl stop firewalld
systemctl disable firewalld

Disable testing mode

cd /etc/csf/
vim csf.conf

… Read the rest

How to temporary whitelist IP address using CSF command line

1382 admin

November 29, 2018 at 9:32 pm

To temporary allow connection from 123.123.123.123 for 3 days

csf -ta 123.123.123.123 3d

… Read the rest

How to enable cPanel CalDAV

1225 admin

August 10, 2018 at 10:09 pm (last edited September 12, 2018 at 3:00 am)

Enable DAV daemon over WHM –> Service Manager

Remove if needed from disable features WHM –> Feature Manager

Allowing ports 2077, 2078, 2079, and 2080 in your firewall

If CSF update csf.conf TCP_IN with the ports range 2077:2080:

/etc/csf/csf.conf

TCP_IN = "20,21,22,25,26,80,110,143,443,465,587,993,995,2082,2083,2086,2087,2095,2096,2077:2080"

Restart csf

csf -r

cPanel's documentation:

https://documentation.cpanel.net/display/CKB/How+to+Set+Up+Calendars+and+Contacts… Read the rest

How to configure firewall on CentOS cPanel server to use IPSET

917 admin

January 21, 2016 at 2:53 pm

This will improve your firewall's performance

Install IPSET using:

yum install ipset ipset-devel -y

Update configuration file /etc/csf/csf.conf. Value for LF_IPSET needs to be set to 1 to get it enabled

Once its done go ahead and increase DENY_IP_LIMIT and DENY_TEMP_IP_LIMIT values for example up to 3000

You may use the following sed command for that

sed -i -e 's/LF_IPSET = "0"/LF_IPSET = "1"/g' /etc/csf/csf.conf

… Read the rest

How to install CSF firewall on CentOS cPanel server

914 admin

January 21, 2016 at 2:38 pm (last edited September 21, 2019 at 8:07 pm)

Download and install using:

wget https://download.configserver.com/csf.tgz
tar xfz csf.tgz
cd csf
sh install.sh

Update the following file with a trusted IP addresses

/etc/csf/csf.allow

Go ahead and disable testing mode

sed -i -e 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf

Once done, restart your firewall

csf -r

To add your IP address to a permanent allow list use:

csf -a 11.22.33.44

To block an IP address:

csf -d 11.22.33.44

Use following to see the lfd logs

tail -f /var/log/lfd.log

… Read the rest

How to install csf in Ubuntu or Linux server

161 admin

September 9, 2012 at 11:08 am (last edited September 23, 2019 at 5:35 am)

CSF is a firewall that can be installed on linux based severs to enhance the security. It can be installed even on a server based on cPanel. It can be configured to find out hacking attempts through ssh etc. Can be used for ip whitelisting and blacklisting.… Read the rest