Community Forum
https://forum.vestacp.com/
If you do not see the CSF link then something has overwritten the file: /usr/local/vesta/web/templates/admin/panel.htmlamitz wrote:Hello,
yes i manully did the changes in /usr/local/vesta/web/templates/admin/panel.html
It worked but now it isn't.
I imagine so. You need GD::Graph installed, and this option enabled.brancalhone wrote:Thanks, it worked very well here.
it is possible to access the menu "View basic system statistics" in the CSF, to see the graphs it generates?
Code: Select all
Redirecting to /bin/systemctl status iptables.service
iptables.service - IPv4 firewall with iptables
Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled)
[color=#00BF00]Active: active (exited)[/color] since Sun 2016-03-06 18:14:53 CET; 17h ago
Process: 131 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS)
Main PID: 131 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/iptables.service
Mar 06 18:12:13 server systemd[1]: Stopping IPv4 firewall with iptables...
Mar 06 18:12:13 server iptables.init[871]: iptables: Setting chains to polic...]
Mar 06 18:12:13 server iptables.init[871]: iptables: Flushing firewall rules...]
Mar 06 18:12:13 server iptables.init[871]: iptables: Unloading modules: [ OK ]
Mar 06 18:12:13 server systemd[1]: Stopped IPv4 firewall with iptables.
Mar 06 18:14:53 server systemd[1]: Starting IPv4 firewall with iptables...
Mar 06 18:14:54 server iptables.init[131]: iptables: Applying firewall rules...]
Hint: Some lines were ellipsized, use -l to show in full.Interesting. Try removing iptables from Vesta's configuration. That way Vesta will never try to start iptables and add in it's own rules.leisegang wrote:i installed Vesta with iptables and fail2ban.
When i go to server to view running processes the iptables says uptime 0 minutes always, and it is grey (not running)
doing a service iptables status in terminal gives me this:
it seems that i have no blocked IPs OR nothing in fail to ban. but sucuri is sending emails about loads of attemts to access sites.Code: Select all
Redirecting to /bin/systemctl status iptables.service iptables.service - IPv4 firewall with iptables Loaded: loaded (/usr/lib/systemd/system/iptables.service; enabled; vendor preset: disabled) [color=#00BF00]Active: active (exited)[/color] since Sun 2016-03-06 18:14:53 CET; 17h ago Process: 131 ExecStart=/usr/libexec/iptables/iptables.init start (code=exited, status=0/SUCCESS) Main PID: 131 (code=exited, status=0/SUCCESS) CGroup: /system.slice/iptables.service Mar 06 18:12:13 server systemd[1]: Stopping IPv4 firewall with iptables... Mar 06 18:12:13 server iptables.init[871]: iptables: Setting chains to polic...] Mar 06 18:12:13 server iptables.init[871]: iptables: Flushing firewall rules...] Mar 06 18:12:13 server iptables.init[871]: iptables: Unloading modules: [ OK ] Mar 06 18:12:13 server systemd[1]: Stopped IPv4 firewall with iptables. Mar 06 18:14:53 server systemd[1]: Starting IPv4 firewall with iptables... Mar 06 18:14:54 server iptables.init[131]: iptables: Applying firewall rules...] Hint: Some lines were ellipsized, use -l to show in full.
also i get messages about people trying to connect to ssh. but i cant see any blocks...
Code: Select all
#FIREWALL_SYSTEM='iptables'
FIREWALL_EXTENSION='fail2ban'Fail2ban for me is disabled and removed, only because CSF can do what you ask, but they both can work together.leisegang wrote:in my vesta.conf file.Code: Select all
#FIREWALL_SYSTEM='iptables' FIREWALL_EXTENSION='fail2ban'
What about fail2ban? should i disable that too?
isnt CSF doing much of the same? or can i use both together?
i want wordpress to add rules to fail2ban when someone is getting 5 wrong logins.
That will work but may do something with Vesta until you also remove them from the configuration file.leisegang wrote:can i just use yum remove iptables and yum remove fail2ban?
Or how do i remove them?