ignore statement ignored by lfd csf
Posted: 23 Feb 2021, 10:44
Hi I have following statement in my csf.ignore hoever I still receiving 50-100 emails per day. Where I am doing wrong ?
csf.ignore
###############################################################################
# Copyright 2006-2018, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following IP addresses will be ignored by all lfd checks
# One IP address per line
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24)
# Only list IP addresses, not domain names (they will be ignored)
#
127.0.0.1
Include /etc/csf/cpanel.comodo.ignore
Include /etc/csf/cpanel.ignore
cmd:spamd child
pexe:/home/.*/public_html/cgi-bin/script\.cgi
pcmd:/home/.*/command\s\to\smatch\s\.pl\s.*
exe:/usr/local/cpanel/3rdparty/perl/530/bin/perl
pcmd:/usr/local/cpanel/3rdparty/bin/awstats\.pl.*
pcmd:/usr/local/cpanel/base/awstats\.pl.*
pcmd:/usr/bin/perl /usr/local/cpanel/3rdparty/bin/awstats\.pl.*
pcmd:/usr/bin/perl /usr/local/cpanel/base/awstats\.pl.*
-------------------------
Email:
Time: Tue Feb 23 10:37:09 2021 +0000
PID: 6855 (Parent PID:4636)
Account: alohadesigncom
Uptime: 6846 seconds
Executable:
/usr/local/cpanel/3rdparty/perl/530/bin/perl
Command Line (often faked in exploits):
spamd child
Network connections by the process (if any):
csf.ignore
###############################################################################
# Copyright 2006-2018, Way to the Web Limited
# URL: http://www.configserver.com
# Email: sales@waytotheweb.com
###############################################################################
# The following IP addresses will be ignored by all lfd checks
# One IP address per line
# CIDR addressing allowed with a quaded IP (e.g. 192.168.254.0/24)
# Only list IP addresses, not domain names (they will be ignored)
#
127.0.0.1
Include /etc/csf/cpanel.comodo.ignore
Include /etc/csf/cpanel.ignore
cmd:spamd child
pexe:/home/.*/public_html/cgi-bin/script\.cgi
pcmd:/home/.*/command\s\to\smatch\s\.pl\s.*
exe:/usr/local/cpanel/3rdparty/perl/530/bin/perl
pcmd:/usr/local/cpanel/3rdparty/bin/awstats\.pl.*
pcmd:/usr/local/cpanel/base/awstats\.pl.*
pcmd:/usr/bin/perl /usr/local/cpanel/3rdparty/bin/awstats\.pl.*
pcmd:/usr/bin/perl /usr/local/cpanel/base/awstats\.pl.*
-------------------------
Email:
Time: Tue Feb 23 10:37:09 2021 +0000
PID: 6855 (Parent PID:4636)
Account: alohadesigncom
Uptime: 6846 seconds
Executable:
/usr/local/cpanel/3rdparty/perl/530/bin/perl
Command Line (often faked in exploits):
spamd child
Network connections by the process (if any):