Hello,
my /usr/local/cpanel/logs/login_log is full of failed whm login attempts from ip addresses in verry strange countrys but it looks like the "attackers" know the defending mechanism against this type of attack because they stop after two failed attempts and a few hours hours later they try again.
I know this would be a "working as designed" status as my LF_CPANEL is set to 5 so it only responds after 5 failed login attempts but it is very annoying for now i just block the whole netblock .
The attacking ip's are from foreign countrys for the moment i am not allowed to travel to foreign destinations due to covid-19 so it was not me
can't you make it so lfd sends an email when those failed logins occur ?.
CSF not responding to bruteforce attacks
-
- Junior Member
- Posts: 16
- Joined: 01 Feb 2014, 11:58