The subject is:
Code: Select all
lfd on server.domain.tld: blocked distributed SMTP Logins on account [account@domain.tld]Search found 6 matches
- 27 Jul 2017, 07:28
- Forum: Suggestions (csf)
- Topic: Alert for distributed smtpauth attack ONLY when successful Login
- Replies: 1
- Views: 3874
Re: Alert for distributed smtpauth attack ONLY when successful Login
Actually, it is.
The subject is:
The subject is:
- 26 Jul 2017, 06:25
- Forum: General Discussion (csf)
- Topic: Need some help with regex.custom.pm.
- Replies: 3
- Views: 3628
Re: Need some help with regex.custom.pm.
Try with: # WP if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\w{3}\ \d{2}\ \d{2}\:\d{2}\:\d{2}\ SERVER (wp|wordpress)\(.*\)\[\d+\]\:\ .*\ from\ (\S+)$/)) { return ("Failed WordPress login from",$2,"wordpressbf","5","80;tcp,443;tcp","3600"); }...
- 26 Jul 2017, 06:06
- Forum: General Discussion (csf)
- Topic: distributed FTP Logins on account
- Replies: 1
- Views: 2405
Re: distributed FTP Logins on account
They are being blocked, because CSF thinks it's a distributed attack.
Try adding the IP's to csf.ignore
Try adding the IP's to csf.ignore
- 26 Jul 2017, 05:59
- Forum: General Discussion (csf)
- Topic: custom blocklist file
- Replies: 1
- Views: 2339
Re: custom blocklist file
I did some tests... and.. it does not work.
Would be great if the csf guys fix it
Would be great if the csf guys fix it
- 26 Jul 2017, 05:52
- Forum: General Discussion (csf)
- Topic: Excessive resource usage jailshell
- Replies: 1
- Views: 2569
Re: Excessive resource usage jailshell
add:
exe:/usr/local/cpanel/bin/jailshell
to csf.pignore
exe:/usr/local/cpanel/bin/jailshell
to csf.pignore
- 26 Jul 2017, 05:51
- Forum: General Discussion (csf)
- Topic: How to whitelist domain from firewall
- Replies: 2
- Views: 5637
Re: How to whitelist domain from firewall
try csf.dyndns