Disable Lfd excessive resource usage alert

Ways to disable Lfd excessive resource usage alert

  1. Bhawani Singh
    LFD is defined as Login Failure Daemon. A process named Daemon runs on server with CSF to ensure the securities correctly. The files are scanned at each point of LFD Fat regular intervals. For every second, it scans the server logs files. It highly checks for things like Brute Force Attacks. Brute Force Attacks is a trial and error method to get information like user password or Personal Identification Number. CSF is able to spot out the hacking attempts along with LFD. If the blocked IP are found, then you can block them by using CSF. CSF configuration manages these actions. With the presence of CSF, it blocks IP. In some circumstances, users will get server alert especially when one attempts to use excessive resources. LFD allows users to set the limit for resource usage. Additionally, it also enables users to track process tracking. It is not the right way to disable the alerts. If you find that particular process or service is important, you can enable them to use server resources and disable the LFD Notifications. One can directly access the CSF Configuration via WHM/terminal.

    Command to Disable Lfd Excessive Resource Usage:

    Code:
    /usr/bin/php/home/crybit/public-html/index.php
    PID: 11254

    Killed: No

    This command line is used to send the alert if you cross the limit to use the memory space from the server. If users do not wish to get the email alert about excessive resource usage, they can simply use few methods to disable the email alerts.

    Method 1:

    CSF configuration is the most fundamental way to disable the alerts. This feature is enabled in CSF Configuration. If you do not like to receive email alert, you can simply disable this feature from CSF Configuration. The alert from the mail will be highly useful for tracking the resource usage of users. Anyways, it won’t be a better method to resolve this issue.

    Steps to Disable the Excessive Resource Usage:

    Step 1: Log in into SSH. Don’t forget to login as root role of the user.

    Step 2: View the file of configuration (/etc/csf/csf.conf) as editor of your own choice and find out the directive ‘PT-USERMEM’. You can set the value of PT-USERMEM to ‘0’ in order to run out the CSF file.

    Command Line:

    Code:
    [root@server #] vim/etc/csf/csf.conf
    This user process tracking option sends an alert if any user process in Linux exceeds the memory usage set. In order to ignore specific processes, users can use csf.pignore.

    Set the value to ‘0’ to disable the feature.

    Method 2:

    Users are allowed to set the PT_USERMEM limit. However setting the value of greater than 200 will be the best idea.

    Steps:

    Step 1: Log in into WHM.

    Step 2: Open the CSF Firewall Configuration.

    config.png

    Step 3: Click on "Firewall Configuration".

    firewall.png

    Step 3: Change the value of PT-USERMEM and PT-USERTIME.

    usermem.png

    Step 4: Save the settings.

    Method 3:

    Among all three methods, this method is incomparable to stop alerts rising from both the CSF and LFD. The file naming ‘csf.pignore’ and one can do the process of user in order to ignore such alert rising to the file.

    Code:
    [root@server #] vim/etc/csf/csf.pignore