Search found 7 matches
- 18 Dec 2020, 18:59
- Forum: General Discussion (cmc)
- Topic: Is there any way to allow customer disable ModSecurity rules directly?
- Replies: 3
- Views: 13167
Re: Is there any way to allow customer disable ModSecurity rules directly?
I was wondering the same thing too. I love CMC, but it would be nice if you could allow an end-user (A cPanel user) to be able to control which rules are enabled or disabled, without having to file a support ticket each time. Similar to how it works with MSFE? I think what would be awesome is to be ...
- 23 Oct 2019, 00:06
- Forum: General Discussion (csf)
- Topic: IP Constantly Getting Blocked
- Replies: 2
- Views: 4118
Re: IP Constantly Getting Blocked
Hiya! If you search /var/log/lfd.log for your IP address, for example using cat /var/log/lfd.log | grep 127\.0\.0\.1 It will provide the reasons why LFD is blocking your IP with CSF, so that you can then look at the rules which are triggering. For example, if I were to search my IP and the following...
- 22 Oct 2019, 22:53
- Forum: General Discussion (csf)
- Topic: When an IP is blocked in CSF, does it block incoming DNS queries?
- Replies: 0
- Views: 3334
When an IP is blocked in CSF, does it block incoming DNS queries?
Hi folks!
A bit of a general question, I was wondering if when an IP is blocked in CSF (or by LFD), does it block incoming DNS queries by default or do I need to allow them to make queries?
I can't find this documented anywhere.
Kind regards,
Jess
A bit of a general question, I was wondering if when an IP is blocked in CSF (or by LFD), does it block incoming DNS queries by default or do I need to allow them to make queries?
I can't find this documented anywhere.
Kind regards,
Jess
- 20 Oct 2019, 12:25
- Forum: General Discussion (csf)
- Topic: csf/lfd not blocking failed attempts on cPanel webmaild logins
- Replies: 4
- Views: 4948
Re: csf/lfd not blocking failed attempts on cPanel webmaild logins
Hiya, I anonymised the IP, it's an external one in the actual log-files.... hmm. If you can't replicate it, I wonder what's going on with my configuration.... everything else is working fine (cpanel login blocks, SSHD, mod_security)... just not webmaild until I added that custom regex to to the cust...
- 19 Oct 2019, 23:05
- Forum: General Discussion (csf)
- Topic: csf/lfd not blocking failed attempts on cPanel webmaild logins
- Replies: 4
- Views: 4948
Re: csf/lfd not blocking failed attempts on cPanel webmaild logins
After testing for a little while, it seems to work, however it's a little slow. If I've got the number of block attempts set at say 5, it will actually allow about 8 through before the block becomes active. I really think someone from ConfigServer needs to check to see if there's a problem with the ...
- 18 Oct 2019, 02:10
- Forum: General Discussion (csf)
- Topic: csf/lfd not blocking failed attempts on cPanel webmaild logins
- Replies: 4
- Views: 4948
Re: csf/lfd not blocking failed attempts on cPanel webmaild logins
Alright, I think I figured this out... I had some help getting the data already in the file into the blocklist with awk, sort grep and cut... So I've added this to the regex.custom.pm file in /etc/csf if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\[.*\] info \[webmaild\] (\d+\.\d+\.\d+\.\d+)...
- 18 Oct 2019, 00:30
- Forum: General Discussion (csf)
- Topic: csf/lfd not blocking failed attempts on cPanel webmaild logins
- Replies: 4
- Views: 4948
csf/lfd not blocking failed attempts on cPanel webmaild logins
Hi! I'm having a bit of an issue with csf/lfd blocking cPanel webmaild logins. I just checked my log in /var/local/cpanel/log/login_log and there's hundreds if not thousands of attempts to login to accounts on the server which haven't been picked up by LFD (and subsequently blocked by CSF) I'm wonde...