How to reduce false alerts in Linux Plesk CSF

Follow

When ConfigServer Security and Firewall (CSF) is installed on a Linux-based Plesk system. It doesn't automatically have ignore rules set for the basic webserver processes.

The subsequent false alerts that CSF will send can be quite overwhelming and alarming! There are better tools for monitoring the webserver processes, so it's worth having CSF ignore them.

To ignore the main processes:

1. Open the CSF process ignore file:
vim /etc/csf/csf.pignore

2. Add these lines:
user:postfix
user:apache
user:dovecot
user:mysql
user:nginx

3. Restart CSF:
csf -ra

Now CSF won't be spamming alerts for what is normal webserver activity.

Have more questions? Submit a request

Comments

Powered by Zendesk