我在 cPanel 安装中设置了 CSF,以帮助管理防火墙并提供暴力破解保护。CSF(实际上是 LFD,包含在内)的功能之一是能够阻止列入阻止列表(例如 spamhaus 或 OpenBL)的 IP 地址。虽然这在开始时运行良好,但我开始注意到我的 LFD 日志文件中有一个重复出现的条目:
无法检索阻止列表 RBN - 无法下载:404 - 未找到
检查csf.blocklists文件后,似乎列出的 URL(http://rules.emergingthreats.net/blockrules/rbn-ips.txt) 确实已不复存在。
我的解决方案似乎很简单,我只需从中删除 RBN 阻止列表csf.blocklists即可。不幸的是,重新启动 LFD 后,阻止列表又回到了原来的位置。
经过进一步测试,似乎我根本无法修改这个文件,每次我更改它(即使只是添加注释或空行)并重新启动 LFD,我的更改都会被恢复。
文件中的标题注释如下:
###############################################################################
# Copyright 2006-2013, Way to the Web Limited
# URL: http://www.configserver.com
# Email: [email protected]
###############################################################################
# This file contains definitions to IP BLOCK lists.
#
# Uncomment the line starting with the rule name to use it, then restart csf
# and then lfd
#
# Each block list must be listed on per line: as NAME|INTERVAL|MAX|URL
# NAME : List name with all uppercase alphabetic characters with no
# spaces and a maximum of 9 characters - this will be used as the
# iptables chain name
# INTERVAL: Refresh interval to download the list, must be a minimum of 3600
# seconds (an hour), but 86400 (a day) should be more than enough
# MAX : This is the maximum number of IP addresses to use from the list,
# a value of 0 means all IPs
# URL : The URL to download the list from
#
# Note: Some of thsese lists are very long (thousands of IP addresses) and
# could cause serious network and/or performance issues, so setting a value for
# the MAX field should be considered
#
# After making any changes to this file you must restart csf and then lfd
#
# If you want to redownload a blocklist you must first delete
# /etc/csf/csf.block.NAME and then restart csf and then lfd
#
# Each URL is scanned for an IPv4/CIDR address per line and if found is blocked
我按照它说的做了:修改了文件,重新启动了 CSF,然后重新启动了 LFD,但我的更改仍然被恢复。
我也尝试重新安装 CSF 或从 Web UI 修改 csf.blocklists,但这两种解决方案都无法解决我的问题。
该服务器运行 CloudLinux 6.8 和 cPanel 58.0,使用 CSF v9.24
任何关于解决此问题的帮助都将非常感激!