Hello.
As a theoretical question assuming:
1) regex.custom.pm is properly formatted and without errors;
2) a log file in text format exists with one entry per line of failed logins;
3) csf has the proper log file identified as CUSTOM1_LOG in csf.conf;
4) Am I missing something?
Then csf should be able to block at the firewall a malicious user hammering away at an application login screen, said application login screen outputting to a text log file which is identified in the regex.custom.pm and is pointed to via CUSTOM1_LOG>
But it ain't workin'
csf regex.custom.pm and log files
-
BallyBasic79
- Junior Member
- Posts: 80
- Joined: 22 Aug 2019, 21:43
Re: csf regex.custom.pm and log files
If you'd like help, it will help if you post some example log lines, the log filename, and your custom regex.
Re: csf regex.custom.pm and log files
Thank you BallyBasic79,
What I discovered was an extra '\' backslash in the regex which was causing the csf feature to not work.
Removing it now has it working wonderfully.
I appreciate the response and apologize for my delay.
I once saw a long list of csf regex.custom.pm formulas on this excellent forum, but now can't find them. Do you have a link perchance?
Thank you and have a wonderful day!
What I discovered was an extra '\' backslash in the regex which was causing the csf feature to not work.
Removing it now has it working wonderfully.
I appreciate the response and apologize for my delay.
I once saw a long list of csf regex.custom.pm formulas on this excellent forum, but now can't find them. Do you have a link perchance?
Thank you and have a wonderful day!
-
BallyBasic79
- Junior Member
- Posts: 80
- Joined: 22 Aug 2019, 21:43
Re: csf regex.custom.pm and log files
Good catch.
You just passed the regex thread pinned at the top of this General Discussion (csf) forum. Or:
https://forum.configserver.com/viewtopic.php?f=6&t=7517
You just passed the regex thread pinned at the top of this General Discussion (csf) forum. Or:
https://forum.configserver.com/viewtopic.php?f=6&t=7517