Skip to main content

PCI Scanning Being Blocked

Comments

5 comments

  • cPanelMichael
    have ControlScan's scanning IP range but I'm not sure if I need to set that somewhere or not

    Hello :) Have you tried whitelisting the IP range in the csf.allow file? It's documented at:
    0
  • quizknows
    You should never put a PCI vendor in csf.allow. Add their IP ranges to csf.ignore This will allow them to probe without being blocked, but will not cause you headaches with ports being mistakenly reported as "open" such as 3306 for MySQL which will cause your scan report to be failing status. If you put an IP range in csf.allow, every port appears open. You only need to 'ignore' them for LFD. Be sure to fully restart csf AND lfd after making this change, either via WHM, or on a root shell with:
    csf -x ; csf -e
    0
  • Mr_Kings
    Hello :) Have you tried whitelisting the IP range in the csf.allow file? It's documented at:
    0
  • Mr_Kings
    You should never put a PCI vendor in csf.allow. Add their IP ranges to csf.ignore

    This worked! Thanks for the help!
    0
  • quizknows
    Glad to help, thanks for checking back.
    0

Please sign in to leave a comment.