Symptoms
You are receiving LFD failure notifications from cPanel.
When you check the status of LFD via the systemctl command, you find a message like the following:
# systemctl status lfd
● lfd.service - ConfigServer Firewall & Security - lfd
Loaded: loaded (/usr/lib/systemd/system/lfd.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Sat 2021-03-20 22:46:50 JST; 7min ago
Process: 15680 ExecStart=/usr/sbin/lfd (code=exited, status=1/FAILURE)
Main PID: 8098 (code=killed, signal=KILL)
Mar 20 22:46:50 hostname.example.tld systemd[1]: Starting ConfigServer Firewall & Security - lfd...
Mar 20 22:46:50 hostname.example.tld lfd[15680]: Error: You have an unresolved error when starting csf. You need to restart csf successfully before starting lfd (see /etc/csf/csf.error)
Mar 20 22:46:50 hostname.example.tld systemd[1]: lfd.service: control process exited, code=exited status=1
Mar 20 22:46:50 hostname.example.tld systemd[1]: Failed to start ConfigServer Firewall & Security - lfd.
Mar 20 22:46:50 hostname.example.tld systemd[1]: Unit lfd.service entered failed state.
Mar 20 22:46:50 hostname.example.tld systemd[1]: lfd.service failed.
Description
Please keep in mind that Login Failure Deamon (LFD) by ConfigServer Firewall is a third-party application that is not created by, provided by, or supported by cPanel. This software is supported by ConfigServerFirewall and the community forums for ConfigServer Firewall. The following information is provided as a courtesy only. If you need further assistance, please reach out to the communify forums or ConfigServer directly:
ConfigServer Technical Support
Resolution
The key to resolving this error is to pay very close attention to the error message provided when you run the following command:
systemctl status lfd
In the example provided in the above Symptoms section, if you examine the message in detail you will find the following:
Mar 20 22:46:50 hostname.example.tld lfd[15680]: Error: You have an unresolved error when starting csf. You need to restart csf successfully before starting lfd (see /etc/csf/csf.error)
Notice that the error tells you to examine the following file:
(see /etc/csf/csf.error)
One example of what this file may contain is the following:
# cat /etc/csf/csf.error
Error: *Error* firewalld found to be running. You must stop and disable firewalld when using csf, at line 922 in /usr/sbin/csf
Notice that the error in that file specifically tells you to disable the firewalld service.
If you have the same error you can fix the issue with the steps in this guide:
How to disable the firewalld service with the systemctl command
Once you have disabled firewalld, you should restart ConfigServer and LFD by issuing the following command as the root user via SSH or Terminal:
csf -r
If you get a different error and you are not sure what to do, you could consider reaching out to the ConfigServer Community or Technical Support: