Search found 6 matches

by Grindlay
07 Aug 2016, 15:39
Forum: General Discussion (cxs)
Topic: Web upload script (i don't understand)
Replies: 9
Views: 12774

Re: Web upload script (i don't understand)

That is what the LF_CXS option in csf.conf is for. cxs itself cannot do it as the ModSecurity process runs as the nobody (or default apache) user and not root. So it is - missed that in the options. Not quite clear on the difference between LF_MODSEC and LF_CXS but have set LF_CXS to 1 and will mon...
by Grindlay
04 Jul 2016, 15:55
Forum: General Discussion (cxs)
Topic: twentyfourteen hacked?
Replies: 1
Views: 5673

Re: twentyfourteen hacked?

If you don't use the theme, delete it. If you do, keep it updated. Haven't seen any other reports of a similar nature.
by Grindlay
04 Jul 2016, 14:51
Forum: General Discussion (cxs)
Topic: Web upload script (i don't understand)
Replies: 9
Views: 12774

Re: Web upload script (i don't understand)

Having looked at various options to reduce the amount of alerting, I think the best one is just to put the script filename in the cxs.ignore file. In this case, it would be : hfile:/public_html/wp-admin/admin-ajax.php This assumes that you're happy that admin-ajax.php is properly patched and secure....
by Grindlay
21 Jan 2015, 23:06
Forum: General Discussion (csf)
Topic: execute usr/sbin/csf -d within a php script
Replies: 5
Views: 8953

Re: execute usr/sbin/csf -d within a php script

Okay, here's my solution, hopefully someone can sanity-check it. I should say my server uses suPHP so my sites run with permissions of their owners. The best approach seems to be to allow your web user to sudo the command. Step 1 : I create a file /etc/sudoers.d/webuser with one line : webuser ALL=N...
by Grindlay
21 Jan 2015, 19:45
Forum: General Discussion (csf)
Topic: execute usr/sbin/csf -d within a php script
Replies: 5
Views: 8953

Re: execute usr/sbin/csf -d within a php script

I know this is a fairly old post but I've been looking for the answer to the same question. The difficulty (I think) is that you need to be root to call the command-line CSF configuration utility e.g. csf -d 11.22.33.44 Added because I don't like them Most PHP scripts will run either as Apache, Nobo...
by Grindlay
23 Jun 2008, 19:36
Forum: Suggestions (csf)
Topic: DShield
Replies: 6
Views: 9217

DShield log submission

In common with the others on this thread, I'm looking for a way to submit firewall logs to DShield. It's one of those areas where you are probably not going to make a huge difference at an individual server level because the majority of entries in your log are from your spotty Korean school boy who ...