ConfigServer Community Forum

Sergio

Ok, thanks.

Sergio

Hello Sarah, Would you be kind to tell what is this warning about? It is showing on all my servers that are using WHM 124.0.23: Detected 1 service that is running outdated executables: MailScanner.service You must take one of the following actions to ensure the system is up-to-date: Restart the list...

Sergio

I noticed this too Sergio, so I signed up for an account with Validity just to see how to get rid of the notices. Once signed up, they tried to funnel me through a sales channel that felt counter productive to reducing spam. I have since deleted my account with them as the whole scheme felt nefario...

Sergio

Got it. I thought that CXS when a file is blocked because the file matches an MD5SUM code defined on the CXS.XTRA it could got the IP that tried to upload the malicious file. I managed to get the IP that tried to upload a bad file using the user's cPanel logs but it takes a long time to do it and th...

Sergio

Thank you, Sarah. I was writing about MD5SUM generated by CXS. ModSecurity rules, yes, I have that implemented on my servers and are working very well. But I thought there might be a way to block IPs that triggers MD5SUMs that are already defined in CXS.XTRA, so, next time that the same file is uplo...

Sergio

Hello Sarah,
Season greetings.

Sarah, is there a way to block on CSF Firewall an IP that trigers an MD5SUM at the first attempt?

If not, How may I can implement this?

Merry X'mas,
Sergio

Sergio

Hi, Sarah. When checking an email that was blocked due to SPAM the following lines appears: RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.00 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL...

Sergio

Hi,
if you are using WHM you can use "Exim Filter Incoming Emails by Domain" and you can create your shebang to add domains to that filter.

Sergio

Sergio

In CSF check:
Login Failure Blocking and Alerts

Sergio

Sergio

If you trust that IP, you can add it to the whitelist and it will not be blocked. Or you can create your own bash script to run every 15 minutes to unblock IPs on your own white list. I don't recommend to unblock any IP every 15 minutes or hackers will not be blocked and your email will be attacked ...

ConfigServer Community Forum

Search found 1084 matches

Re: Security Advisor en WHM show error in MailScanner.

Security Advisor en WHM show error in MailScanner.

Re: What is VALIDITY error in MailScanner FE?

Re: How to block IP at the first attack detected in CXS?

Re: How to block IP at the first attack detected in CXS?

How to block IP at the first attack detected in CXS?

What is VALIDITY error in MailScanner FE?

Re: Feature request: block domains.tld

Re: Ban an IP, not just Block

Re: Failed IMAP login