Search found 11 matches
- 21 Dec 2020, 13:04
- Forum: Suggestions (csf)
- Topic: LFD block email address instead of complete IP on many wrong logins
- Replies: 7
- Views: 18220
Re: LFD block email address instead of complete IP on many wrong logins
I would second this suggestion. I come across a couple of scenarios where this causes an issue semi regularly. The main one is a client has their email misconfigured on their phone. They walk in to work where it connects to wifi, blocking the entire office. Their office broadband does not have a sta...
- 25 Apr 2019, 01:38
- Forum: General Discussion (cxs)
- Topic: IP Reputation Poopulation
- Replies: 3
- Views: 9198
Re: IP Reputation Poopulation
I've had a similar problem. I've a user who persistently gets her IMAP login wrong. She has a phone with the wrong password. When she arrives at work, they get a temp ban. The temp ban then gets sent to ConfigServer's IP reputation server and they end up on the CXS_ALL list. In the meantime the temp...
- 24 Jul 2018, 15:35
- Forum: General Discussion (csf)
- Topic: Centrally Manage CSF from one server
- Replies: 2
- Views: 3475
Re: Centrally Manage CSF from one server
The config files and settings are set on each server but it does have a cluster facility whereby you can block and unblock IPs across the entire cluster from another cluster member.
- 09 Feb 2018, 10:30
- Forum: Suggestions (cxs)
- Topic: CLEAN button in quarantine?
- Replies: 2
- Views: 11936
Re: CLEAN button in quarantine?
Thread resurrection. I was clearing up a site earlier and was thinking through the process. I get an email with all the exploits/fingerprints/viruses etc but then cut out the filename from the email, paste in to a shell to view it and then I decide to either delete the file, quarantine it or edit it...
- 05 Dec 2016, 14:28
- Forum: Suggestions (cxs)
- Topic: WHMCS Module
- Replies: 1
- Views: 11212
Re: WHMCS Module
A module that let you run a scan from the admin side of WHMCS would be useful also so that support staff could order a scan if the client thinks their site may be exploited.
- 25 Oct 2016, 12:41
- Forum: General Discussion (cxs)
- Topic: Seeming false positive - not sure
- Replies: 2
- Views: 12582
Re: Seeming false positive - not sure
Bumping an old thread here but we've had an uptick in this recently. Presumably they're trying to upload a replacement file to exploit the hole in Revolution Slider that was discovered and patched some time ago. It's somewhat concerning that through Wordpress's admin-ajax.php they can get a file thr...
- 06 Nov 2014, 10:34
- Forum: Suggestions (cmm)
- Topic: Order by Date
- Replies: 2
- Views: 13642
Re: Order by Date
Adding a +1 for this.
Some of my customers have inboxes with 1000s of emails in them and currently with it being ordered oldest -> newest I have to wait minutes for the browser to load the entire mailbox to get to the most recent messages.
Some of my customers have inboxes with 1000s of emails in them and currently with it being ordered oldest -> newest I have to wait minutes for the browser to load the entire mailbox to get to the most recent messages.
- 04 Nov 2014, 17:18
- Forum: General Discussion (cmc)
- Topic: ModSecurity features in cPanel 11.46
- Replies: 3
- Views: 11224
ModSecurity features in cPanel 11.46
11.46 adds ModSecurity features to WHM/cPanel which on the face of it seems like a great thing but is it?
Does it conflict with ConfigServer's ModSecurity Control?
Does it conflict with ConfigServer's ModSecurity Control?
- 16 Apr 2013, 14:43
- Forum: General Discussion (csf)
- Topic: What's the best solution in CSF for DNS/named flooding?
- Replies: 5
- Views: 13812
Re: What's the best solution in CSF for DNS/named flooding?
A client of mine has been getting repeatedly hit by these kinds of DNS attacks and would appreciate if anyone has any further insight as to how to solve it. Like the OP their DNS was getting repeatedly asked to respond to A / MX record requests for domains they used to host but no longer did. The so...
- 05 Jun 2010, 20:47
- Forum: Suggestions (csf)
- Topic: PT_USERMEM / PT_USERTIME Debugging info
- Replies: 1
- Views: 4325
PT_USERMEM / PT_USERTIME Debugging info
At the moment when PT_USERMEM or PT_USERTIME are exceeded you just get a message telling you which process has exceeded the limit. Could more debugging info be included such as a trace of the process causing the memory limit to be broken? For example, I've had a couple of users go past a 200MB limit...