Recently my server got many errors within my ConfigServer Firewall module:
Oct 30 04:21:37 srv8 lfd[974616]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:26:37 srv8 lfd[975527]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:31:38 srv8 lfd[976765]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
It looks like maxmind.com changed their network and is now using the Content Delivery Network from CloudFlare Inc., which is: 104.17.27.25
I've added IP4:104.17.27.25 to csf - Quick Allow actions and the problem was solved:
Oct 30 04:34:41 srv8 lfd[977840]: Retrieved and blocking blocklist MAXMIND IP address ranges
Oct 30 04:34:41 srv8 lfd[977840]: IPSET: loading set new_MAXMIND with 172 entries
Oct 30 04:34:41 srv8 lfd[977840]: IPSET: switching set new_MAXMIND to bl_MAXMIND
Oct 30 04:34:41 srv8 lfd[977840]: IPSET: loading set new_6_MAXMIND with 2 entries
Oct 30 04:34:41 srv8 lfd[977840]: IPSET: switching set new_6_MAXMIND to bl_6_MAXMIND
The purpose of MaxMind GeoIP here is to block all anonymous proxies...
This will reduce the minFraud service (fraud detection) for a transactional risk analysis service.
CSF can use one of the options below. The option can be set to use:
1. Perl module HTTP::Tiny
2. Perl module LWP::UserAgent
3. CURL/WGET (set location at the bottom of csf.conf if installed)
HTTP::Tiny is much faster than LWP::UserAgent and is included in the csf distribution.
LWP::UserAgent may have to be installed manually, but it can better support https:// URLs, which also need the LWP::Protocol::https perl module.
CURL/WGET uses the system binaries if installed but does not always provide good feedback when it fails. The script will first look for CURL; if that does not exist at the configured location, it will then look for WGET.
Additionally, if 1 or 2 is used and the retrieval fails, then if either CURL or WGET is available, an additional attempt will be made using CURL/WGET. This is useful if the perl distribution has outdated modules that do not support modern SSL/TLS implementations.
CSF recommends setting this to "2" or "3", as upgrades to csf will be performed over SSL, as will other URLs used when retrieving external data.
To install the LWP perl modules required:
On RPM-based systems (RedHat and CloudLinux):
yum install perl-libwww-perl.noarch perl-LWP-Protocol-https.noarch
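
The lfd messages quoted earlier in this post can be turned into a staleness check, since a blocklist that repeatedly fails to download is not being refreshed. The shell functions below are an added example, not part of the original post or of csf; they assume only the two message formats quoted in the post, and the function names, the EXAMPLE list name and the sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-blocklist update state from lfd log lines.
# Only the two message formats quoted in the post are recognised.

# Reads log lines on stdin; prints NAME|STATE|CONSECUTIVE_FAILS|LAST_EVENT|REASON
blocklist_status() {
    awk '
    function name_after(marker,   s) {
        s = $0; sub(".*" marker, "", s); sub(/ .*/, "", s); return s
    }
    { sub(/[ \t\r]+$/, "") }                     # tolerate trailing whitespace / CRLF
    /lfd\[[0-9]+\]: Unable to retrieve blocklist / {
        n = name_after("Unable to retrieve blocklist ")
        why[n] = "unknown"                       # reason is the trailing "(...)" if present
        if (match($0, /\([^()]*\)$/)) why[n] = substr($0, RSTART + 1, RLENGTH - 2)
        fails[n]++; state[n] = "FAILING"; last[n] = $1 " " $2 " " $3
    }
    /lfd\[[0-9]+\]: Retrieved and blocking blocklist / {
        n = name_after("Retrieved and blocking blocklist ")
        fails[n] = 0; state[n] = "OK"; why[n] = "-"; last[n] = $1 " " $2 " " $3
    }
    END { for (n in state) print n "|" state[n] "|" fails[n] "|" last[n] "|" why[n] }
    ' | sort
}

# Exit status 1 if any blocklist has failed at least $1 times in a row (default 3).
blocklist_stale() {
    blocklist_status | awk -F'|' -v min="${1:-3}" '
        $2 == "FAILING" && $3 >= min { print "STALE: " $0; bad = 1 }
        END { exit bad + 0 }'
}

# Constructed sample in the format of the post; EXAMPLE is a made-up list name.
sample_log() {
    cat <<'EOF'
Oct 30 04:21:37 srv8 lfd[974616]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:26:37 srv8 lfd[975527]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:31:38 srv8 lfd[976765]: Unable to retrieve blocklist MAXMIND - Unable to download: Can't connect to www.maxmind.com:443 (Network is unreachable)
Oct 30 04:31:39 srv8 lfd[976765]: Retrieved and blocking blocklist EXAMPLE IP address ranges
Oct 30 04:31:39 srv8 lfd[976765]: IPSET: switching set new_EXAMPLE to bl_EXAMPLE
EOF
}

sample_log | blocklist_status
```

Piping the real lfd log into `blocklist_stale` from a scheduled job gives a non-zero exit status, suitable for alerting, once a list has missed several consecutive updates.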