I try to secure login inside OpenCart. I kindly ask you to help me if code is the correct for CSF:
<!-- CSF/LFD to Block OpenCart Bruteforce Attacks ---->
<!-- 1. Edit the file -->
nano /usr/local/csf/bin/regex.custom.pm
<!-- Add the following code: -->
# XMLRPC
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:GET|POST) \/xmlrpc\.php.*" /)) {
return ("WP XMLPRC Attack",$1,"XMLRPC","5","80,443","1");
}
# OC-LOGINS Users
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:GET|POST) \/admin/index\.php.*" /)) {
return ("OC Login Attack",$1,"OCLOGIN","5","80,443","1");
}
# OC-LOGINS Administrator
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+).*] "\w*(?:GET|POST) \/admin/index\.php.*" /)) {
return ("OC Login Attack",$1,"OCLOGIN","5","80,443","1");
}
<!-- 2. Add the custom log that CSF/LFD will monitor -->
nano /etc/csf/csf.conf