Search found 3 matches
- 09 Mar 2016, 13:28
- Forum: General Discussion (csf)
- Topic: LFD not permanently blocking system login failures
- Replies: 2
- Views: 4140
Re: LFD not permanently blocking system login failures
For example: Time: Wed Mar 9 16:28:22 2016 +0330 IP: 67.***.***.103 (CA/Canada/-) Failures: 5 (cpanel) Interval: 300 seconds Blocked: Temporary Block Log entries: [2016-03-09 16:28:20 +0330] info [cpsrvd] 67.***.***.103 - golnoor "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN cpaneld: i...
- 09 Mar 2016, 10:51
- Forum: General Discussion (csf)
- Topic: LFD not permanently blocking system login failures
- Replies: 2
- Views: 4140
LFD not permanently blocking system login failures
What I experience is that LFD sends emails on login failures. When there are FTP of SMTP login failures, the IP's are also automatically blocked permanently. But on SYSTEM login failures not. We do receive the same emails from LFD on all login failures, it's just that I have to manually block all IP...
- 16 Feb 2016, 09:07
- Forum: General Discussion (cxs)
- Topic: STICKY rules for CXS.XTRA regs.
- Replies: 71
- Views: 550184
Re: STICKY rules for CXS.XTRA regs.
I fount very useful Patterns for simple web malware detection. http://www.abuseat.org/findbot.pl my $scriptpat = '(Edited By GuN-Jack|die\(PHP_OS.chr\(49\).chr\(48\).chr\(43\).md5\(0987654321\)|die\(PHP_OS.chr\(49\).chr\(49\).chr\(43\).md5\(0987654321\)|social\.png|r57|c99|web shell|passthru|shell_e...