به نظر شما این میتواند راهکار باشد:
Enable this option if you want lfd to ignore (i.e. don't block) IP addresses
listed in csf.allow in addition to csf.ignore (the default). This option
should be used with caution as it would mean that IP's allowed through the
firewall from infected PC's could launch attacks on the server that lfd
would ignore

IGNORE_ALLOW = OffOn




روی on تنظیم کنم؟ ولی اینطوری امنیت سرور کم می شود .

چطور میتوانم حساسیت سرور به تعداد کانکشن را کم کنم؟

- - - Updated - - -

تغییراتی که دام را اینجا وارد می کنم اگر اشتباه بود بگویید:
Process Tracking. This option enables tracking of user and nobody processes
and examines them for suspicious executables or open network ports. Its
purpose is to identify potential exploit processes that are running on the
server, even if they are obfuscated to appear as system services. If a
suspicious process is found an alert email is sent with relevant information.
It is then the responsibility of the recipient to investigate the process
further as the script takes no further action

The following is the number of seconds a process has to be active before it
is inspected. If you set this time too low, then you will likely trigger
false-positives with CGI or PHP scripts.
Set the value to 0 to disable this feature

PT_LIMIT = Default: 60 [0-3600]

مقدار پیش فرض را 0 وارد کردم

- - - Updated - - -

Enable logging of dropped incoming connections from blocked IP addresses

This option will be disabled if you enable Port Scan Tracking (PS_INTERVAL)

DROP_IP_LOGGING = OffOn




اف بود ان کردم