Optimized CSF LFD to miminize false positive emails on new install? Centos6.2 + ISPConfig3

Posted by Damainman on Server Fault See other posts from Server Fault or by Damainman
Published on 2012-06-05T20:21:01Z Indexed on 2012/06/05 22:42 UTC
Read the original article Hit count: 525

Filed under:
|
|
|
|

I have a remote dedicated server running CentOS 6.2 x64bit with ISPConfig3. This is a brand new install.

Server Purpose: Basic LAMP Web Hosting with PureFTPD, BIND, CLAMAV, RKHunter.

Any advice or link to a guide which will clearly explain how to optimize the CSF+LFD configuration is greatly appreciated. I am not exactly sure on where to start what I shouldn't loosen the restrictions on.

At the moment my inbox is flooding with alerts from LFD such as:

  • Suspicious process running under user postfix
  • Excessive resource usage: haldaemon
    • Account: haldaemon
    • Resource: Process Time
    • Exceeded: 1823 > 1800 (seconds)
    • Executable: /usr/sbin/hald
    • Command Line: hald
    • PID: 1031
    • Killed: No
  • Excessive resource usage: amavis
    • Time: Tue Jun 5 12:43:35 2012 -0700
    • Account: amavis
    • Resource: Virtual Memory Size
    • Exceeded: 330 > 200 (MB)
    • Executable: /usr/bin/perl
    • Command Line: amavisd (virgin child)
    • PID: 27931
    • Killed: No
  • Excessive resource usage: apache
    • Time: Tue Jun 5 12:35:33 2012 -0700
    • Account: apache
    • Resource: Virtual Memory Size
    • Exceeded: 437 > 200 (MB)
    • Executable: /usr/sbin/httpd
    • Command Line: /usr/sbin/httpd
    • PID: 27286
    • Killed: No

© Server Fault or respective owner

Related posts about centos

Related posts about web-hosting