Page 15 of 15

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Thu May 30, 2019 2:28 pm
by SS88
cvondra wrote:
Thu May 30, 2019 3:17 am
Having an issue. When in the main/first page of CSF when attempting to "View lfd statistics"

Image

I get broken images and no graph.

https://ibb.co/cg2LTfY

I'm on CentOS 7/PHP7.2+NGINX and I have GDGraph and GDGraph3D installed.

Any help would be greatly appreciated.

Thanks.
Try this command:

Code: Select all

chmod 0644 /usr/local/vesta/web/list/csf/lfd_*

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Thu May 30, 2019 3:43 pm
by cvondra
Awesome. Thanks a ton!

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Fri Aug 30, 2019 3:28 am
by sysdop
The contribution is already old, CSF has officially launched a UI for VestaCP.

https://download.configserver.com/csf/changelog.txt

Code: Select all

13.05 - Added official CentOS Web Panel (CWP) integration and CWP panel
        specific configuration. See /etc/csf/readme.txt for more information
	(only tested on CentOS v7)

	Added official VestaCP integration and VestaCP specific configuration
	(only tested on CentOS v7)
Install

Code: Select all

cd /usr/src
rm -fv csf.tgz
wget https://download.configserver.com/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Wed Sep 04, 2019 3:43 am
by plutocrat
This is cool. Thanks for the info. I'm a fan of CSF and install it on most of my VestaCPs.

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Thu Dec 05, 2019 10:03 pm
by tlozano
plutocrat wrote:
Wed Sep 04, 2019 3:43 am
This is cool. Thanks for the info. I'm a fan of CSF and install it on most of my VestaCPs.
When install csf in centos 7... Is it necesary uninstall default firewall an fail2ban?.

What will be the correct steps to do a good install of CSF in centos 7.
Thank you

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Fri Dec 06, 2019 4:03 am
by plutocrat
tlozano wrote:
Thu Dec 05, 2019 10:03 pm
When install csf in centos 7... Is it necesary uninstall default firewall an fail2ban?.
What will be the correct steps to do a good install of CSF in centos 7.
Thank you
I'm not sure if CSF does that automatically for you, but yes, you'd need to make sure that nothing else is trying to control iptables. In Vesta, that means checking /usr/local/vesta/conf/vesta.conf where you want to see:

Code: Select all

FIREWALL_SYSTEM=''
FIREWALL_EXTENSION=''
You can also disable fail2ban (not sure how centos does that ... systemctl stop/disable fail2ban ?) as CSF takes over those functions.

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Fri Dec 06, 2019 7:19 pm
by tlozano
Thank you. I installed csf and config this as you recomended. Only one more dude....
How can I see the banneds ips? similar to fail2ban report.


thanks

plutocrat wrote:
Fri Dec 06, 2019 4:03 am
tlozano wrote:
Thu Dec 05, 2019 10:03 pm
When install csf in centos 7... Is it necesary uninstall default firewall an fail2ban?.
What will be the correct steps to do a good install of CSF in centos 7.
Thank you
I'm not sure if CSF does that automatically for you, but yes, you'd need to make sure that nothing else is trying to control iptables. In Vesta, that means checking /usr/local/vesta/conf/vesta.conf where you want to see:

Code: Select all

FIREWALL_SYSTEM=''
FIREWALL_EXTENSION=''
You can also disable fail2ban (not sure how centos does that ... systemctl stop/disable fail2ban ?) as CSF takes over those functions.

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Sat Dec 07, 2019 7:52 am
by plutocrat
tlozano wrote:
Fri Dec 06, 2019 7:19 pm
How can I see the banneds ips? similar to fail2ban report.
They're added to /etc/csf/csf.deny with an explanation eg.

Code: Select all

174.138.188.83 # lfd: (smtpauth) Failed SMTP AUTH login from 174.138.188.83 (US/United States/vps241351.trouble-free.net): 5 in the last 3600 secs - Wed Nov 27 11:10:52 2019
185.234.219.105 # lfd: (smtpauth) Failed SMTP AUTH login from 185.234.219.105 (IE/Ireland/-): 5 in the last 3600 secs - Thu Nov 28 04:21:08 2019
45.227.253.212 # lfd: (smtpauth) Failed SMTP AUTH login from 45.227.253.212 (PA/Panama/hosting-by.directwebhost.org): 5 in the last 3600 secs - Thu Nov 28 08:03:10 2019
5.196.217.177 # lfd: 5.196.217.177 (FR/France/s2.claraz.com.br), 5 distributed smtpauth attacks on account [info@blah.com] in the last 3600 secs - Fri Nov 29 03:46:59 2019
151.80.75.127 # lfd: 151.80.75.127 (FR/France/-), 5 distributed smtpauth attacks on account [info@blah.com] in the last 3600 secs - Fri Nov 29 03:47:00 2019
185.234.219.51 # lfd: (smtpauth) Failed SMTP AUTH login from 185.234.219.51 (IE/Ireland/-): 5 in the last 3600 secs - Fri Nov 29 12:51:51 2019
74.92.190.9 # lfd: (smtpauth) Failed SMTP AUTH login from 74.92.190.9 (US/United States/74-92-190-9-Illinois.hfc.comcastbusiness.net): 5 in the last 3600 secs - Sat Nov 30 12:02:32 2019
You can code up a script to mail that to you if you want. CSF can also be told to alert you every time an IP is banned if you prefer. Look in the csf.conf file which is well documented. You'll be playing around with that for the next few weeks. You'll also need to familiarise yourself with csf.pignore so you can stop false alerts. I strongly suggest looking at the documentation on the CSF website.
https://download.configserver.com/csf/readme.txt

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Posted: Mon Dec 09, 2019 5:26 pm
by tlozano
Thank You!!

plutocrat wrote:
Sat Dec 07, 2019 7:52 am
tlozano wrote:
Fri Dec 06, 2019 7:19 pm
How can I see the banneds ips? similar to fail2ban report.
They're added to /etc/csf/csf.deny with an explanation eg.

Code: Select all

174.138.188.83 # lfd: (smtpauth) Failed SMTP AUTH login from 174.138.188.83 (US/United States/vps241351.trouble-free.net): 5 in the last 3600 secs - Wed Nov 27 11:10:52 2019
185.234.219.105 # lfd: (smtpauth) Failed SMTP AUTH login from 185.234.219.105 (IE/Ireland/-): 5 in the last 3600 secs - Thu Nov 28 04:21:08 2019
45.227.253.212 # lfd: (smtpauth) Failed SMTP AUTH login from 45.227.253.212 (PA/Panama/hosting-by.directwebhost.org): 5 in the last 3600 secs - Thu Nov 28 08:03:10 2019
5.196.217.177 # lfd: 5.196.217.177 (FR/France/s2.claraz.com.br), 5 distributed smtpauth attacks on account [info@blah.com] in the last 3600 secs - Fri Nov 29 03:46:59 2019
151.80.75.127 # lfd: 151.80.75.127 (FR/France/-), 5 distributed smtpauth attacks on account [info@blah.com] in the last 3600 secs - Fri Nov 29 03:47:00 2019
185.234.219.51 # lfd: (smtpauth) Failed SMTP AUTH login from 185.234.219.51 (IE/Ireland/-): 5 in the last 3600 secs - Fri Nov 29 12:51:51 2019
74.92.190.9 # lfd: (smtpauth) Failed SMTP AUTH login from 74.92.190.9 (US/United States/74-92-190-9-Illinois.hfc.comcastbusiness.net): 5 in the last 3600 secs - Sat Nov 30 12:02:32 2019
You can code up a script to mail that to you if you want. CSF can also be told to alert you every time an IP is banned if you prefer. Look in the csf.conf file which is well documented. You'll be playing around with that for the next few weeks. You'll also need to familiarise yourself with csf.pignore so you can stop false alerts. I strongly suggest looking at the documentation on the CSF website.
https://download.configserver.com/csf/readme.txt