Search found 3 matches

by madeye
24 Oct 2018, 15:18
Forum: General Discussion (csf)
Topic: Custom regex not working
Replies: 4
Views: 9178

Re: Custom regex not working

This one caught me out (see https://forum.configserver.com/viewtopic.php?f=6&t=11009) The 4th parameter in the return statement is the number of times the rule can be triggered before the IP is blocked. If you change this to "1" then you should get blocked after the first request Also ...
by madeye
24 Oct 2018, 14:51
Forum: General Discussion (csf)
Topic: regex.custom.pm to block Drupal vulnerability POSTs
Replies: 1
Views: 2931

Re: regex.custom.pm to block Drupal vulnerability POSTs

HAH! My bad: I didn't understand the meaning of the "trigger level for blocking". It represents the number of times someone can trigger the rule before they are blocked - I thought it was some kind of priority index. To be fair it doesn't seem to be documented in detail anywhere (but link ...
by madeye
24 Oct 2018, 11:55
Forum: General Discussion (csf)
Topic: regex.custom.pm to block Drupal vulnerability POSTs
Replies: 1
Views: 2931

regex.custom.pm to block Drupal vulnerability POSTs

Hello, I've been using CSF & LFD for years and it's done very well for me. However I'm attempting something I haven't done before and am having trouble getting it to work. I am trying to block IP addresses that are attempting to POST command lines (nohup, wget etc) into perceived Drupal vulnerab...