Author Topic: CSF unblock script/module needed  (Read 1385 times)

0 Members and 1 Guest are viewing this topic.

Offline TommyK

  • 56
  • 3
  • Active Participant
  • ***
CSF unblock script/module needed
« on: November 06, 2014, 07:32:33 PM »
I would do it myself, but haven't got the skills needed. =)

There is a WHMCS module that would probably be a good start here;
https://code.google.com/p/franksworld/downloads/detail?name=unblockme-2.0.zip&can=2&q=

Anyone up for it? Would pay to get it done.  :)

Offline Lawrence

  • 573
  • 22
  • Community Manager
  • Active Participant
  • *****
    • Lawrence Wright
Re: CSF unblock script/module needed
« Reply #1 on: November 07, 2014, 12:07:42 AM »
Something like this would be great, "BUT" I just want to point out that allowing an IP through the firewall is incredibly dangerous (Even for standard customers).

Allowing an IP through the firewall would permit unrestricted access to the added IP, which means they would not be blocked if they decided to dictionary attack your server, or try to brute force your MySQL / Emails / SSH, etc,.

If someone takes this on, consider adding options to only allow unrestricted "Specific" areas / ports. You can customize what ports / areas the customer can access via the CSF Allow list.

Just my two cents. :)
Skype: sociallarry | AIM: larry.aim@aim.com | Forum Rules & Information

These forums are hosted by me with no intentions to ever monetize them. These forums are here solely for the benfit of the HostBill community.

Offline TommyK

  • 56
  • 3
  • Active Participant
  • ***
Re: CSF unblock script/module needed
« Reply #2 on: November 07, 2014, 12:41:00 AM »
Something like this would be great, "BUT" I just want to point out that allowing an IP through the firewall is incredibly dangerous (Even for standard customers).

Allowing an IP through the firewall would permit unrestricted access to the added IP, which means they would not be blocked if they decided to dictionary attack your server, or try to brute force your MySQL / Emails / SSH, etc,.

If someone takes this on, consider adding options to only allow unrestricted "Specific" areas / ports. You can customize what ports / areas the customer can access via the CSF Allow list.

Just my two cents. :)

This will only allow for logged in users to remove a temporary or permanent block they have received. They will still be blocked again if repeating the offense and it will not open any additional ports etc. Just removing a block. =)

Typically customers get blocked for entering the wrong password when logging in to cpanel/webmail, changing the password for their email account and forget to change a client, suspended customers who have their email client set to receive mail, trying to log in to wordpress too many times, modsec false positives, etc.

This accounts for a huge portion of our tickets and clients get anxious if we do not resolve immediately.

I have seen a few whmcs csf unblock plugins, where some of them have added security as of how many times you are able to unblock yourself etc. Might be a good addition to the linked script, but I would be happy with the functionality as is or with the added function to send a mail with information every time someone is unblocking themselves.

Offline Nicman

  • 35
  • 1
  • Active Participant
  • **
Re: CSF unblock script/module needed
« Reply #3 on: December 12, 2014, 05:04:24 AM »
+1 on this.

A clone from the most used WHMCS version could be fine. We only need (as others) the function to remove a temp or permanent block from CSF for the IP logged in Hostbill.

And sure, we would pay for it.

Offline BRJP

  • 543
  • 14
  • Community Managers
  • Active Participant
  • *****
    • SaneChoice Limited
Re: CSF unblock script/module needed
« Reply #4 on: December 12, 2014, 02:08:21 PM »
Sorry - I am struggling to follow this.  What are we trying to achieve here? 

Are we trying to ban IP addresses for a period of time if they try and brute force attach a client login or admin login?  Is that correct?
Kind regards,
Bradley Porter
--------------------
Find out more about SaneChoice Services at: https://www.sanechoice.com/

Offline Nicman

  • 35
  • 1
  • Active Participant
  • **
Re: CSF unblock script/module needed
« Reply #5 on: December 12, 2014, 02:23:37 PM »

Offline TommyK

  • 56
  • 3
  • Active Participant
  • ***
Re: CSF unblock script/module needed
« Reply #6 on: December 12, 2014, 02:24:07 PM »
Sorry - I am struggling to follow this.  What are we trying to achieve here? 

Are we trying to ban IP addresses for a period of time if they try and brute force attach a client login or admin login?  Is that correct?
Hi,

We are trying to give the clients the means to unban themselves if they accidentally get blocked by CSF/LFD which is the most common firewall installed on a cpanel server.

Offline BRJP

  • 543
  • 14
  • Community Managers
  • Active Participant
  • *****
    • SaneChoice Limited
Re: CSF unblock script/module needed
« Reply #7 on: December 12, 2014, 03:24:09 PM »
Thank you - I understand but, sadly, I cannot help in this case.
Kind regards,
Bradley Porter
--------------------
Find out more about SaneChoice Services at: https://www.sanechoice.com/

Offline TommyK

  • 56
  • 3
  • Active Participant
  • ***
Re: CSF unblock script/module needed
« Reply #8 on: July 17, 2016, 04:17:16 AM »
This is now incorporated in the cpanel 2 plugin. Haven't had the opportunity to test it myself yet, but the fact that it's there is promising.  :)