CSF

Pyxsoft is compatible with CSF/LFD however the following considerations need to be taken into account:

PxShield is installed as a service listening internally on ports 19080 and 19443. Through iptables, a redirect is generated from port 80 or 443 to PxShield, which receives web requests and redirects them to the apache, nginx or litespeed web server as appropriate.

The compatibility issue with CSF is that CSF deletes all iptables rules every time it is restarted, removing the redirection to PxShield. It is therefore necessary to ensure that the rules necessary for pxShield to work are recreated after each CSF restart.

For that purpose, when installing pyxsoft on top of CSF, a script called csfpost.sh is installed in /usr/local/csf/bin/. The purpose of this script, according to the CSF documentation, is to recreate the rules in iptables after csf restarts. The original file is located in /opt/pxshield/scripts/csfpost.sh.

To ensure that PxShield works correctly, it is necessary to first install CSF and then install Pyxsoft.

Also, is possible that under certain circumstances CSF/LFD blocks the web server’s own IP address, which prevents any connection via http to the server. To avoid this problem it is necessary to add the IP address of the server to the /etc/csf/csf.ignore file. The Pyxsoft installation script for cPanel automatically performs this task, but if CSF is installed after Pyxsoft, it must be done manually.