https://devcodepro.comdevcodepro

SSH CSF - ConfigServer Commands

Common SSH commands for CSF [ConfigServer]

csf -v	Show csf version
csf -l	Status
csf -l6	List/Show the IPv6 ip6tables configuration
csf -f	Flush/Stop firewall rules (Note: lfd may restart csf)
csf -s	Start the firewall rules
csf -r	Restart firewall rules (csf)
csf -sf	Force CLI restart regardless of LFDSTART setting
csf -ra	Quick restart (csf restarted by lfd)
csf -q	Restart firewall rules (csf) and then restart lfd daemon.
csf --lfd	[stop\|start\|restart\|status] Actions to take with the lfd daemon
csf -a	Allow an IP and add to /etc/csf/csf.allow Example: csf -a 255.255.255.0
csf -ar	Remove an IP from /etc/csf/csf.allow Example: csf -ar 255.255.255.0
csf -d	Deny an IP and add to /etc/csf/csf.deny Example: csf -d 255.255.255.0
csf -dr	Unblock an IP and remove from /etc/csf/csf.deny Example: csf -dr 255.255.255.0
csf -df	Remove and unblock all entries in /etc/csf/csf.deny
csf -g	Search the iptables and ip6tables rules for a match (Port Number or IP)
csf -t	Displays the current list of temporary allow and deny IP entries
csf -tf	Flush all IPs from the temporary IP entries
csf -cp	PING all members in an lfd Cluster
csf -m	Display Server Check in HTML or email to [email] if present. Example: csf -m [email protected]
csf --rbl	Process and display RBL Check in HTML or email to [email] if present
csf -lr	Initiate Log Scanner report via lfd
csf -p	View ports on the server that have a running process behind them listening for external connections
csf -x	Disable csf and lfd completely
csf -e	Enable csf and lfd if previously disabled
csf -c	Check for updates to csf but do not upgrade
csf -u	Check for updates to csf and upgrade if available
csf -uf	Force an update of csf whether and upgrade is required or not

AD · www.interserver.net/r/240055

Interserver | Standard & VPS Cloud Hosting | $2.50 /Month

Flexible VPS hosting platform to deploy your online projects. Economical and balanced between processor cores, memory and storage

rated 44 times (44) (0)

comments: 2 / hits: 4776 / 7 years ago, wed, dec 28, 16, 04:11:52

Comments

You can also stop, restart and start csf with commands:

Code:

/etc/init.d/csf stop

Code:

/etc/init.d/csf restart

Code:

/etc/init.d/csf start

[#2] Saturday, January 7, 2017, 9:24:46

commented 7 years ago

jimmy

This script should ONLY be used by the init process. To restart csf use the CLI command 'csf -r'

(+1)

(-0)

commented 4 years ago, Mon, Dec 23, 2019, 11:25:58 pport

Check csf is working correctly:

Code:

perl /etc/csf/csftest.pl

[#3] Saturday, February 18, 2017, 12:28:08

commented 6 years ago

Micky

Only authorized users can post. Please sign in first, or register a free account

Posted

paki

Member since Sep 7, 2016

Total Points: 127

Total Code Snippets: 12

Total Comments: 0

Location: n/a

paki snippets

CentOS - SpamAssassin and Exim

7 years ago, thu, sep 8, 16, 3:04:22

<h3>1. Install Spamassassin [SSH]:</h3> <blockquote>sudo yum install spamassassin</blockquote> <h3>2. Create file filters in /etc/exim/ folder with code:</h3> <blockquote>if $h_X-Spam-Flag: contains "YES" then headers add "Old-Subject: $h_subject" headers remove "Subject" headers add "Subject: ***[SPAM]*** $h_old-subject" headers remove "Old-Subject" endif</blockquote> <h3>3. In etc/exim/exim.conf after this line:</h3> <blockquote># $Cambridge: exim/exim-src/src/configure.default,v 1.14 2009/10/16 07:46:13 tom Exp $</blockquote> put this line: <blockquote>system_filter = /etc/exim/filters</blockquote> <h3>4. In etc/exim/exim.conf replace:</h3> <blockquote>#spamd_address = 127.0.0.1 783</blockquote> with: <blockquote>spamd_address = 127.0.0.1 783</blockquote> <h3>5. In etc/exim/exim.conf replace:</h3> <blockquote># Bypass SpamAssassin checks if the message is too large. # #accept condition = ${if >={$message_size}{100000} {1}} #add_header = X-Spam-Note: SpamAssassin run bypassed due to message size # Run SpamAssassin, but allow for it to fail or time out. Add a warning message # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA # score exceeds the SA system threshold. # #warn spam = nobody/defer_ok #add_header = X-Spam-Flag: YES #add_header = X-Spam-Subject: [SPAM] $h_Subject #accept condition = ${if !def:spam_score_int {1}} #add_header = X-Spam-Note: SpamAssassin invocation failed # Unconditionally add score and report headers # #warn add_header = X-Spam-Score: $spam_score ($spam_bar)n #X-Spam-Report: $spam_report</blockquote> with: <blockquote># Bypass SpamAssassin checks if the message is too large. # # accept condition = ${if >={$message_size}{100000} {1}} # add_header = X-Spam-Note: SpamAssassin run bypassed due to message size # Run SpamAssassin, but allow for it to fail or time out. Add a warning message # and accept the mail if that happens. Add an X-Spam-Flag: header if the SA # score exceeds the SA system threshold. # warn spam = nobody/defer_ok add_header = X-Spam-Flag: YES # accept condition = ${if !def:spam_score_int {1}} add_header = X-Spam-Note: SpamAssassin invocation failed # # Unconditionally add score and report headers # warn add_header = X-Spam-Report: $spam_report</blockquote> <h3>6. Check this code exist in /etc/mail/spamassassin/local.cf</h3> <blockquote># These values can be overridden by editing ~/.spamassassin/user_prefs.cf # (see spamassassin(1) for details) # These should be safe assumptions and allow for simple visual sifting # without risking lost emails. required_hits 5 report_safe 0 rewrite_header Subject [SPAM] required_score 1.3</blockquote> <h3>7. Restart Spamassassin [SSH]:</h3> <blockquote>/etc/init.d/spamassassin restart</blockquote> <h3>8. Restart Exim [SSH]:</h3> <blockquote>service exim restart</blockquote>

comments: 1 / hits: 6312

Plain Text

Simple CSS Javascript Share Buttons

7 years ago, tue, jan 3, 17, 3:37:12

<!DOCTYPE html> <html lang="en"> <head> <title>Share Buttons</title> <meta name="description" content="Simple CSS javascript social share buttons" /> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1" /> <style> .buttons a{display:inline-table;margin-right:20px;font-family:'Trebuchet MS',tahoma,verdana;font-weight:800;font-size:15px;text-decoration:none;} .buttons a:hover{opacity:0.8;} .twitterLink{background: #2EACDC;padding:5px 38px;color:#fff;} .googleLink{background: #C3392C;padding:5px 38px;color:#fff;} .facebookLink{background: #46649E;padding:5px 38px;color:#fff;} </style> </head> <body> <div class="buttons"> <a class="twitterLink" href="#" onclick="(function() {if (!window.open('https://twitter.com/intent/tweet?url=' + encodeURIComponent(window.location) + '&text=' + encodeURIComponent(document.title) + '', 'enter', 'left=100,top=120;location=yes,links=no,scrollbars=no,toolbar=no,width=690,height=360')) location.href = 'jump=yes'})();return false;">Twitter</a> <a class="googleLink" href="#" onclick="(function() {if (!window.open('https://plus.google.com/share?url=' + encodeURIComponent(window.location) + '', 'enter', 'left=100,top=120;location=yes,links=no,scrollbars=no,toolbar=no,width=690,height=360')) location.href = 'jump=yes'})();return false;">Google Plus</a> <a class="facebookLink" href="#" onclick="(function() {if (!window.open('https://www.facebook.com/sharer/sharer.php?u=' + encodeURIComponent(window.location) + '', 'enter', 'left=100,top=120;location=yes,links=no,scrollbars=no,toolbar=no,width=690,height=360')) location.href = 'jump=yes'})();return false;">FaceBook</a> </div> </body> </html>

comments: 0 / hits: 2637

HTML, XML

Basic ClamAV SSH Command Line Commands

7 years ago, thu, jan 19, 17, 5:40:32

<table> <tr> <td>service clamd status</td><td>Check status</td> </tr> <tr> <td>service clamd start</td><td>Start service</td> </tr> <tr> <td>service clamd stop</td><td>Stop service</td> </tr> <tr> <td>service clamd restart</td><td>Restart service</td> </tr> <tr> <td>service clamd reload</td><td>Reload service</td> </tr> <tr> <td>freshclam -V</td><td>Version info</td> </tr> <tr> <td>clamscan -V</td><td>Version info 2</td> </tr> <tr> <td>clamscan -h</td><td>Print help screen</td> </tr> <tr> <td>clamscan -r -i</td><td>Scan all files</td> </tr> <tr> <td>clamscan -r -i /home</td><td>Scan all files in home directory</td> </tr> <tr> <td>clamscan -l scanlog.log</td><td>Save scan report to file</td> </tr> <tr> <td>clamscan -r -i /home -l scanlog.log</td><td>Scan all files in home directory and save scan report to file</td> </tr> <tr> <td>yum upgrade clamav</td><td>Upgrade Clamav</td> </tr> <tr> <td>yum update clamav</td><td>Update Clamav</td> </tr> </table>

comments: 0 / hits: 8138

Plain Text

Leverage browser caching htaccess

6 years ago, sat, jun 10, 17, 3:16:28

###You will need to make sure the following modules are enabled in httpd.conf ###LoadModule filter_module modules/mod_filter.so ###LoadModule deflate_module modules/mod_deflate.so ###LoadModule deflate_module modules/mod_deflate.so <IfModule mod_expires.c> ExpiresActive On ExpiresByType text/css "access 1 year" ExpiresByType text/html "access 1 year" ExpiresByType image/jpg "access 1 year" ExpiresByType image/jpeg "access 1 year" ExpiresByType image/gif "access 1 year" ExpiresByType image/png "access 1 year" ExpiresByType application/pdf "access 1 year" ExpiresByType font/truetype "access plus 1 year" ExpiresByType font/opentype "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType application/vnd.ms-fontobject "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" ExpiresByType text/x-javascript "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType application/x-javascript "access plus 1 year" ExpiresByType application/x-shockwave-flash "access 1 year" ExpiresByType image/x-icon "access 1 year" ExpiresDefault "access 1 year" </IfModule> ########################################## <IfModule mod_deflate.c> AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/vnd.ms-fontobject AddOutputFilterByType DEFLATE application/x-font AddOutputFilterByType DEFLATE application/x-font-truetype AddOutputFilterByType DEFLATE application/x-font-ttf AddOutputFilterByType DEFLATE application/x-font-opentype AddOutputFilterByType DEFLATE application/x-font-otf AddOutputFilterByType DEFLATE application/x-javascript AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE font/otf AddOutputFilterByType DEFLATE font/ttf AddOutputFilterByType DEFLATE font/opentype AddOutputFilterByType DEFLATE image/svg+xml AddOutputFilterByType DEFLATE image/x-icon AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/xml </IfModule>

comments: 0 / hits: 2858

Apache

CSF block force attacks on Exim

6 years ago, mon, jun 26, 17, 9:21:15

1. Backup /etc/csf/csf.conf 2. Make sure this exist in /etc/csf/csf.conf <blockquote>LF_DAEMON = "1"</blockquote> <blockquote>LF_CSF = "1"</blockquote> <blockquote>SMTP_BLOCK = "1"</blockquote> <blockquote>SMTPAUTH_LOG = "/var/log/exim/reject.log" SMTPRELAY_LOG = "/var/log/exim_mainlog" POP3D_LOG = "/var/log/maillog" IMAPD_LOG = "/var/log/maillog" SCRIPT_LOG = "/var/log/exim_mainlog"</blockquote> <font color="red">If reject.log not exist replace with log file with "Incorrect authentication data" messages</font> 3. Restart LFD <blockquote>csf --lfd restart</blockquote> 4. Restart csf <blockquote>csf -r</blockquote> Output in /etc/csf/csf.deny <blockquote>212.129.11.11 # lfd: (smtpauth) Failed SMTP AUTH login from 212.129.11.11<br />(FR/France/212-129-63-54.example.com): 5 in the last 3600 secs - Mon Jun 26 08:10:47 2017</blockquote>

comments: 0 / hits: 4258

Plain Text

Exim mail queue commands

6 years ago, sat, sep 2, 17, 4:26:09

<table> <tr> <td>exim -bpc</td><td>number of emails in queue</td> </tr> <tr> <td>exim -bp</td><td>print a list of messages in queue</td> </tr> <tr> <td>exim -qf</td><td>force deliver all messages in queue</td> </tr> <tr> <td>exim -Mrm <font color="red">mesageid</font></td><td>remove message from the queue</td> </tr> <tr> <td>exim -Mvh <font color="red">mesageid</font></td><td>view message headers</td> </tr> <tr> <td>exim -Mvb <font color="red">mesageid</td><td>view message body</td> </tr> <tr> <td>exim -bp | exiqgrep -i | xargs exim -Mrm</td><td>remove the entire queue</td> </tr> </table>

comments: 1 / hits: 3379

Plain Text

Warning: purging the environment. Suggested action: use keep_environment issue

5 years ago, tue, feb 27, 18, 9:25:15

<table> <tr><td>1. Open etc/exim/exim.conf</td></tr> <tr><td>2. Directly after this code line: <blockquote># $Cambridge: exim/exim-src/src/configure.default,v 1.14 2009/10/16 07:46:13 tom Exp $</blockquote> add: <blockquote>keep_environment = X-SOURCE : X-SOURCE-ARGS : X-SOURCE-DIR add_environment = PATH=/usr/local/sbin::/usr/local/bin::/sbin::/bin::/usr/sbin::/usr/bin::/sbin::/bin</blockquote></td></tr> <tr><td>3. Restart Exim: <blockquote>service exim restart</blockquote></td></tr> </table>

comments: 0 / hits: 2410

Plain Text

SSH IPTables command to block IP Address

5 years ago, tue, feb 27, 18, 9:41:12

[[email protected] ~]# iptables -A INPUT -s x.xx.xx.xx -p tcp --dport 25 -j REJECT [[email protected] ~]# service iptables save [[email protected] ~]# service iptables restart

comments: 0 / hits: 2332

Plain Text

Exim - How to block certain domain

5 years ago, wed, feb 28, 18, 11:02:34

1. In etc/exim/exim.conf after this line: <blockquote># $Cambridge: exim/exim-src/src/configure.default,v 1.14 2009/10/16 07:46:13 tom Exp $</blockquote> put this line: <blockquote>system_filter = /etc/exim/filters</blockquote> 2. Create file filters in /etc/exim/ folder with code: <blockquote>if $header_from: contains "example.com" or $header_from: contains "example2.com" then fail endif</blockquote> 3. Restart Exim: <blockquote>service exim restart</blockquote> 4. Log: <blockquote>2018-02-28 10:48:37 1gr3f4-0081uq-O7 <= [email protected] H=g.example.com [xxx.xxx.xx.xx] 2018-02-28 10:48:37 1gr3f4-0081uq-O7 cancelled by system filter</blockquote>

comments: 0 / hits: 2194

Plain Text