ClosedLatest CyberPanel Breaks ConfigServer Security & Firewall's lfd Blocklists (/etc/csf/csf.blocklists) Blocks Edits

CSF’s lfd Blocklists (/etc/csf/csf.blocklists) cannot be edited anymore and whenever I attempt to uncomment any list whatsoever, I receive the error cited below. This is a breaking error and it needs to be fixed immediately. Further, I get it with clean installs on both AlmaLinux 8 and 9. Help!

See below:

{“error_message”: “Data supplied is not accepted, following characters are not allowed in the input $ & ( ) [ ] { } ; : \u2018 < >.", "errorMessage": "Data supplied is not accepted, following characters are not allowed in the input $ & ( ) { } ; : \u2018 < >.”}

image2872×1668 430 KB

Screenshot 2025-07-11 2046572868×1654 192 KB

This was posted for Usman and was fixed but he did say it was not pushed as yet. Not sure if it has been at this time but you can update and check.

Just updated again to see if anything changed within the last 24 hours. The same issue persists exactly as depicted above.

Any update? cc: @usmannasir

I just updated to the latest build and I still have the same issue and get the same error if I try to update the csf.blocklists in the web panel.

{“error_message”: “Data supplied is not accepted, following characters are not allowed in the input $ & ( ) [ ] { } ; : \u2018 < >.", "errorMessage": "Data supplied is not accepted, following characters are not allowed in the input $ & ( ) { } ; : \u2018 < >.”}

Further, updating to the latest build broke web access to CSF and required me to do a reinstall via python3 /usr/local/CyberCP/plogical/csf.py installCSF.

@usmannasir, this issue is still outstanding with the latest or current release. Plus, the latest upgrade now makes CSF inaccessible from CyberPanel’s web interface and required me to do the above fix with that one-liner of code.

image2170×736 34.2 KB

image2322×578 146 KB

I’m not sure why these things are not being addressed in a timely manner but yet there are new features being rolled out.

I usually patch these issues for myself in my server. I also lock my CyberPanel to whitelisted IP addresses.

Try the following:

if ! grep -q "configservercsf" /usr/local/CyberCP/CyberCP/secMiddleware.py; then sed -i -E "s/if.*valueAlreadyChecked == 0/& and request.path != '\/configservercsf\/iframe\/'/g" /usr/local/CyberCP/CyberCP/secMiddleware.py; fi
find /usr/local/CyberCP/ -type d -name __pycache__ -exec rm -r {} \+ && systemctl restart lscpd && systemctl restart lsws

This worked for me in 2.4.2 so you can try in 2.4.3

This fixed the issue. Thank you for resolving this!