After you have installed CSF/LFD with the directadmin, you might have checked the Server Security through CSF web interface and the following warning message with suggestion will appear:

 

Well if you don’t like those red colors then keep reading how to remove them:

 

  1. In the first section of the error. The error appears because you might have set those options to “0” in /etc/csf/csf.conf. In order to disable the first section’s warning, you need to comment the Server Checking code at:/usr/local/csf/lib/ConfigServer.ServerCheck.pm:

 

Find this line

$status = 0; my @options = ("LF_SSHD","LF_FTPD","LF_SMTPAUTH","LF_POP3D","LF_IMAPD","LF_HTACCESS","LF_MODSEC","LF_CPANEL","LF_CPANEL_ALERT","SYSLOG_CHECK","RESTRICT_UI"); if ($config{GENERIC}) {@options = ("LF_SSHD","LF_FTPD","LF_SMTPAUTH","LF_POP3D","LF_IMAPD","LF_HTACCESS","LF_MODSEC","SYSLOG_CHECK","FASTSTART","RESTRICT_UI");} if ($config{DNSONLY}) {@options = ("LF_SSHD","LF_CPANEL","SYSLOG_CHECK","FASTSTART","RESTRICT_UI")} foreach my $option (@options) { $status = 0; unless ($config{$option}) {$status = 1;} &addline($status,"$option option check","This option helps prevent brute force attacks on your server services"); } $status = 0; unless ($config{LF_DIRWATCH}) {$status = 1} &addline($status,"LF_DIRWATCH option check","This option will notify when a suspicious file is found in one of the common temp directories on the server");

and comment it

 

$status = 0; my @options = ("LF_SSHD","LF_FTPD","LF_SMTPAUTH","LF_POP3D","LF_IMAPD","LF_HTACCESS","LF_MODSEC","LF_CPANEL","LF_CPANEL_ALERT","SYSLOG_CHECK","RESTRICT_UI"); if ($config{GENERIC}) {@options = ("LF_SSHD","LF_FTPD","LF_SMTPAUTH","LF_POP3D","LF_IMAPD","LF_HTACCESS","LF_MODSEC","SYSLOG_CHECK","FASTSTART","RESTRICT_UI");} if ($config{DNSONLY}) {@options = ("LF_SSHD","LF_CPANEL","SYSLOG_CHECK","FASTSTART","RESTRICT_UI")} #foreach my $option (@options) { #$status = 0; #unless ($config{$option}) {$status = 1;} #&addline($status,"$option option check","This option helps prevent brute force attacks on your server services"); #} $status = 0; unless ($config{LF_DIRWATCH}) {$status = 1} &addline($status,"LF_DIRWATCH option check","This option will notify when a suspicious file is found in one of the common temp directories on the server");

 

That’s it. I know this is hard coding but if someone can let CSF team know they should avoid this security checking if we use directadmin + CSF. Example of the code:

open (my $IN, "<", "/etc/csf/csf.conf"); flock ($IN, LOCK_SH); my @conf = <$IN>; close ($IN); chomp @conf; if (my @ls = grep {$_ =~ /^\s*(DIRECTADMIN)\s*=\s*1/i} @conf) { #If csf.conf contains the value DIRECTADMIN=1, which always true if using directadmin installation method Don't do anything $status = 1 } else { #Else print status $status = 0 &addline($status,"$option option check","This option helps prevent brute force attacks on your server services"); }

 

2) For the 2nd section of the error message related to the mysql. The solution is to edit /etc/my.cnf

So the content of the /etc/my.cnf should be

 

[mysqld] max_connections=300 local-infile=0

 

Save the file and restart mysqld.

 

For the /etc/dovecot.conf, make a backup then download config file from directadmin service

 

mv /etc/dovecot.conf /etc/dovecot.conf.bak wget -O /etc/dovecot.conf http://files.directadmin.com/services/custombuild/dovecot

restart exim and dovecot.

The warning should go and everything should be green. Good luck!