Where can I find CSF logs?

David Beroff

Well-known member
Joined
Jun 14, 2016
Messages
848
Best answers
0
Ratings
57
Points
28
#1
I have installed CSF on my VPS hosting and there are some people contacted me they could not access my site like they were blocked by my firewall, I want to find out the problem from log files of CSF, where can I find it and how solve this problem?
 

AlbaHost

Well-known member
Joined
Jan 18, 2017
Messages
276
Best answers
1
Ratings
61 3
Points
28
#2
Joined
Jan 18, 2017
Messages
48
Best answers
0
Ratings
1
Points
8
#3
If you type the below command you can see the reason for the IP block in your server.
csf -g IP_ADDRESS

csf -dr IP_ADDRESS ( to remove the IP from your firewall)

After that type csf -r to restart the firewall.
 

Dewlance

Well-known member
Joined
Dec 20, 2014
Messages
99
Best answers
0
Ratings
17 1
Points
0
#4
In my server I found /var/log/lfd.logs file.

Other is /var/logs/messages and also monitor CSF alert (Enable alert/notify option in your CSF configuration).
 
Joined
Jan 16, 2017
Messages
53
Best answers
0
Ratings
6
Points
0
#5
CSF logs are stored in /var/log/lfd.logs
 

David Beroff

Well-known member
Joined
Jun 14, 2016
Messages
848
Best answers
0
Ratings
57
Points
28
#6
In my server I found /var/log/lfd.logs file.

Other is /var/logs/messages and also monitor CSF alert (Enable alert/notify option in your CSF configuration).
CSF logs are stored in /var/log/lfd.logs
thanks you guys for sharing this piece of this info but when I typed this in SSH

nano /var/log/lfd.logs
there is no content there.

Is it possible to check if a file is existing in a folder in VPS, for example lfd.logs is existing in /var/log/?
 
Joined
Jan 16, 2017
Messages
53
Best answers
0
Ratings
6
Points
0
#7
You can run below command to confirm if file is present:

------
[[email protected] ~]# ls -ld /var/log/lfd.log
-rw------- 1 root root 12059 Mar 2 00:00 /var/log/lfd.log
------
 

mobin

Well-known member
Joined
Jun 22, 2017
Messages
153
Best answers
0
Ratings
36 1
Points
28
#10
How to solve - thats the main question here

How to check whether they are blocked in CSF ?
1. Collect the visitor's public IP address.
2. run command "csf -g <IP ADDRESS>" as root user from your server command line and check output. Its far better to check IP block than going through logs manually.

How to unblock if the IP address is blocked?
1. If its permanent block, run the command "csf -dr <IP ADDRESS>" as root user from your server command line
2. If its temporary block, run the command "csf -tr <IP ADDRESS>" as root user from your server command line

Also you need to let them know why the IP address was blocked [ you shiuld get the reason from csf -g command ] and ask them to take care to avoid another block.
 

austenite

Well-known member
Joined
Feb 15, 2017
Messages
98
Best answers
0
Ratings
9 1
Points
8
#11
If you're not confident in using the terminal to view logs and have CSF installed on a cPanel server theres a GUI log viewer as part of the CSF WHM plugin. Just search WHM for 'firewall'.

In the long run you should really learn how to grep log files.
 
Recommended Threads
Replies
6
Views
178
Replies
16
Views
6,074
Replies
6
Views
1,074

Latest postsNew threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.