CSF not blocking mass FTP attacks
Posted: 15 Oct 2013, 16:41
I've noticed lately I'm getting a lot of attacks via FTP. I've checked the CSF configuration, and I've found this:
FTPD_LOG = "/var/log/secure" (restricted UI item)
Obviously, this can't be right, because /var/log/secure doesn't exist. Should I change this value to /var/log/proftpd/auth.log?
I'm using DirectAdmin for a control panel. It's unknown to me if DA uses a different log file format.
There is not /var/log/proftpd/proftpd.conf, the access.conf is empty. Also, nothing in /var/log/messages for proftp errors.
FTPD_LOG = "/var/log/secure" (restricted UI item)
Obviously, this can't be right, because /var/log/secure doesn't exist. Should I change this value to /var/log/proftpd/auth.log?
I'm using DirectAdmin for a control panel. It's unknown to me if DA uses a different log file format.
There is not /var/log/proftpd/proftpd.conf, the access.conf is empty. Also, nothing in /var/log/messages for proftp errors.