I would like to suggest CSF to automatic report to users/admins of Internet abuse associated network/email activity. So you can automatic send email to WHOIS ABUSE emails about the security incident.
Not sure if this is possible with CSF, but is there a way to watch log files that get out of control? I had a small problem today messing about with modsecurity and set this bit:
SecDebugLogLevel 5
along with some very tight rules, apparently blocking blackberry access to one account with lots of traffic. Anyway, I got sidetracked and forgot to go back and dial it back down. Needless to say the...
On FTP login failures or any of the services really, is it possible to block the IP connecting to the FTP ports instead of blocking the IP address from accessing anything on the server after x (as configured) unsuccessful login attempts?
Hi folks,
CSF is simply the most useful application available for cpanel. That said, the ConfigServer Security&Firewall could be extended to end World Hunger, Purify water and end Hacker Crime.
Well, at least one of the three -- Here's my concept:
Using ConfigServer Security&Firewall, set up a central hacker IP activity database.
Include an option in CSF to allow for daily sending of the...
i would like to see this option:
Generate and email this report if score is below: and a dropdown of scores like:
116,117,118, etc.
i think this is more useful/convenient than receiving an email every night and scrolling down to its bottom to see the score... i find it pretty annoying sometimes.
Since bots and zombie computer are getting harder for the average bot kiddy to come by now a days they are resorting to GET attacks on dynamic sites with the inetention to exhaust resources which in most cases it does no matter if you have network ddos protection, connection tracking, etc. The requests are legit requests for like index.php or GET / over and over but it does it slow enough and...
Since upgrading a cPanel account to 11.24 and switching from Courier to Dovecot, I'm noticing a variety of entries in /var/log/exim_mainlog that in the past I think would have triggered LFD and caused an IP block. These involve Incorrect authentication or Unable to authenticate responses.
Attached is a text file with a snippet of entries from our log file.
Can this be made possible wiithout giving them complete access? This would be a great feature as I have some resellers who have been asking for this quite some time yet II have not been able to come up with anything for them. Any ideas?
I'm just wondering if I can get a 'vmstat 1 10' or such with a high load alert, because on most of the systems I administrate the vmstat commands first line of output is a cache.
illustrated..:
# date && vmstat 1 1
Fri Jun 26 11:51:56 NZST 2009
procs -----------memory---------- ---swap-- -----io---- --system-- ----cpu----
r b swpd free buff cache si so bi bo in cs us sy id wa
0 0 398580...
I really love the relay alert notifications, and it has been invaluable for catching spammers in the past, but how about adding the ability to prevent notifications/alerts from a particular user account? Note that I don't want to ignore all events from that user, just the relay alerts.
As an example, some users have legitimate needs to send large amounts of e-mail, and we're flooded...
Hi - I think a neat feature that could be added to CSF while it's scanning log files would be a User-Defined String Alerts that could be emailed to the Admin...
For example: if I entered the string philidelphia or badhost.com CSF would alert me anytime CSF encounters the word in the Logs... :)
We have a few servers that should only get local traffic. CC_ALLOW states that entering countries in the CC_ALLOW field opens all ports to all clients from that country.
That's not what we want to do, instead we only want to permit US & CA clients to access these servers, but we want other restrictions and safeguards to remain in place.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum