You've already forked ansible-role-csf
138 lines
4.6 KiB
Django/Jinja
138 lines
4.6 KiB
Django/Jinja
###############################################################################
|
|
# Copyright 2006-2018, Way to the Web Limited
|
|
# URL: http://www.configserver.com
|
|
# Email: sales@waytotheweb.com
|
|
###############################################################################
|
|
# The following is a list of executables (exe) command lines (cmd) and
|
|
# usernames (user) that lfd process tracking will ignore.
|
|
#
|
|
# You must use the following format:
|
|
#
|
|
# exe:/full/path/to/file
|
|
# user:username
|
|
# cmd:command line
|
|
#
|
|
# Or, perl regular expression matching (regex):
|
|
#
|
|
# pexe:/full/path/to/file as a perl regex[*]
|
|
# puser:username as a perl regex[*]
|
|
# pcmd:command line as a perl regex[*]
|
|
#
|
|
# [*]You must remember to escape characters correctly when using regex's, e.g.:
|
|
# pexe:/home/.*/public_html/cgi-bin/script\.cgi
|
|
# puser:bob\d.*
|
|
# pcmd:/home/.*/command\s\to\smatch\s\.pl\s.*
|
|
#
|
|
# It is strongly recommended that you use command line ignores very carefully
|
|
# as any process can change what is reported to the OS.
|
|
#
|
|
# For more information see readme.txt
|
|
|
|
exe:/bin/dbus-daemon
|
|
exe:/sbin/ntpd
|
|
exe:/usr/bin/dbus-daemon
|
|
exe:/usr/bin/dbus-daemon-1
|
|
exe:/usr/bin/lsmd
|
|
exe:/usr/bin/postgres
|
|
exe:/usr/bin/spamc
|
|
exe:/usr/lib/courier-imap/bin/imapd
|
|
exe:/usr/lib/courier-imap/bin/pop3d
|
|
exe:/usr/lib/polkit-1/polkitd
|
|
exe:/usr/libexec/dovecot/anvil
|
|
exe:/usr/libexec/dovecot/auth
|
|
exe:/usr/libexec/dovecot/dict
|
|
exe:/usr/libexec/dovecot/imap
|
|
exe:/usr/libexec/dovecot/imap-login
|
|
exe:/usr/libexec/dovecot/lmtp
|
|
exe:/usr/libexec/dovecot/pop3
|
|
exe:/usr/libexec/dovecot/pop3-login
|
|
exe:/usr/libexec/dovecot/quota-status
|
|
exe:/usr/libexec/dovecot/stats
|
|
exe:/usr/libexec/dovecot/imap-hibernate
|
|
exe:/usr/libexec/gam_server
|
|
exe:/usr/libexec/hald-addon-acpi
|
|
exe:/usr/libexec/hald-addon-keyboard
|
|
exe:/usr/libexec/mysqld
|
|
exe:/usr/local/apache/bin/httpd
|
|
exe:/usr/local/cpanel/3rdparty/bin/analog
|
|
exe:/usr/local/cpanel/3rdparty/bin/english/webalizer
|
|
exe:/usr/local/cpanel/3rdparty/bin/imapd
|
|
exe:/usr/local/cpanel/3rdparty/bin/php
|
|
exe:/usr/local/cpanel/3rdparty/bin/webalizer_lang/english
|
|
exe:/usr/local/cpanel/3rdparty/php/54/bin/php-cgi
|
|
exe:/usr/local/cpanel/3rdparty/php/56/bin/php-cgi
|
|
exe:/usr/local/cpanel/3rdparty/php/56/sbin/php-fpm
|
|
exe:/usr/local/cpanel/3rdparty/php/54/sbin/php-fpm
|
|
exe:/usr/local/cpanel/3rdparty/sbin/mydns
|
|
exe:/usr/local/cpanel/3rdparty/sbin/p0f
|
|
exe:/usr/local/cpanel/bin/cppop
|
|
exe:/usr/local/cpanel/bin/cppop-ssl
|
|
exe:/usr/local/cpanel/bin/cpuwatch
|
|
exe:/usr/local/cpanel/bin/cpwrap
|
|
exe:/usr/local/cpanel/bin/logrunner
|
|
exe:/usr/local/cpanel/bin/pkgacct
|
|
exe:/usr/local/cpanel/cpanel
|
|
exe:/usr/local/cpanel/cpdavd
|
|
exe:/usr/local/cpanel/cpsrvd
|
|
exe:/usr/local/cpanel/cpsrvd-ssl
|
|
exe:/usr/local/libexec/dovecot/imap
|
|
exe:/usr/local/libexec/dovecot/imap-login
|
|
exe:/usr/local/libexec/dovecot/pop3
|
|
exe:/usr/local/libexec/dovecot/pop3-login
|
|
exe:/usr/local/urchin/bin/urchinwebd
|
|
exe:/usr/sbin/chronyd
|
|
exe:/usr/sbin/exim
|
|
exe:/usr/sbin/exim
|
|
exe:/usr/sbin/hald
|
|
exe:/usr/sbin/httpd
|
|
exe:/usr/sbin/mysqld
|
|
exe:/usr/sbin/mysqld_safe
|
|
exe:/usr/sbin/named
|
|
exe:/usr/sbin/nscd
|
|
exe:/usr/sbin/nsd
|
|
exe:/usr/sbin/ntpd
|
|
exe:/usr/sbin/proftpd
|
|
exe:/usr/sbin/pure-ftpd
|
|
exe:/usr/sbin/sshd
|
|
exe:/var/cpanel/3rdparty/bin/php
|
|
exe:/usr/sbin/pdns_server
|
|
exe:/usr/local/cpanel/bin/autossl_check
|
|
exe:/usr/local/cpanel/bin/whm_xfer_download-ssl
|
|
pexe:^/usr/lib/jvm/java-.*/jre/bin/java$
|
|
exe:/usr/libexec/dovecot/indexer-worker
|
|
exe:/usr/libexec/dovecot/indexer
|
|
pexe:/usr/local/cpanel/3rdparty/bin/git.*
|
|
pexe:/usr/local/cpanel/3rdparty/libexec/git-core/git.*
|
|
|
|
# Some additional entries that you might want to ignore on cPanel servers.
|
|
# However, be aware of the security implications under "Process Tracking" in
|
|
# the csf readme.txt when using these:
|
|
#
|
|
#cmd:/bin/sh /usr/bin/mysqld_safe
|
|
#cmd:/bin/sh /usr/bin/mysqld_safe --basedir=/usr
|
|
#cmd:spamd child
|
|
#pcmd:/usr/local/cpanel/3rdparty/bin/python /usr/local/cpanel/3rdparty/mailman/bin/qrunner.*
|
|
#pcmd:/usr/local/cpanel/3rdparty/bin/python /usr/local/cpanel/3rdparty/mailman/bin/mailmanctl.*
|
|
#pcmd:/usr/bin/python.? /usr/local/cpanel/3rdparty/mailman/bin/qrunner.*
|
|
#pcmd:/usr/bin/python.? /usr/local/cpanel/3rdparty/mailman/bin/mailmanctl.*
|
|
#pcmd:/usr/bin/perl /usr/local/cpanel/3rdparty/bin/awstats\.pl.*
|
|
#pcmd:/usr/bin/perl /usr/local/cpanel/base/awstats\.pl.*
|
|
#pcmd:cpanellogd - (http|ftp) logs for .*
|
|
#pcmd:ubic-guardian ubic-periodic.*
|
|
#pcmd:perl /usr/local/cpanel/3rdparty/perl/\d+/bin/ubic-periodic.*
|
|
#pcmd:MailScanner:.*
|
|
|
|
# BEGIN GENERAL PROCESS IGNORE LIST
|
|
{% for process in csf_pignore | default([]) %}
|
|
{{ process }}
|
|
{% endfor %}
|
|
# END GENERAL PROCESS IGNORE LIST
|
|
{% if csf_pignore_host is defined %}
|
|
|
|
# BEGIN HOST SPECIFIC PROCESS IGNORE LIST
|
|
{% for process in csf_pignore_host %}
|
|
{{ process }}
|
|
{% endfor %}
|
|
# END HOST SPECIFIC PROCESS IGNORE LIST
|
|
|
|
{% endif %} |