ConfigServer Community Forum

Can anybody assist with this? Still need to find a way to block multiple attacks on wp-login.php Have tried multiple times, but so far not working. I'm also using mod security and have enabled the mod_sec rules in CSF. Even though Mod Security is working and picking up the multiple violations, CSF i...

Hey @ Sergio - I appreciate your help - can you try to paste the code into https://pastebin.com/

Here is the new link for the image: will be active for 12 hours. Sergio I'm really confused. Why do you send a code that expires in 5 hrs or 12 hrs? Is it top secret? What's the problem on leaving it up for a longer ? Or if it really is very sensitive - then why not PM me with the URL ? I have not ...

@Sergio - thank you

Nope missed that too!

I am not getting any notifications on this thread and as it was the weekend I was not checking manually.

Please can you do it again and also perhaps give a few days on the expiry?

Thanks

Hey Sergio

Thanks for your efforts - yes the blocking of IPs in this forum seems pretty harsh.

Also I never received notification of your post - so I was not able to get to this post sooner - I missed your 5hr deadline.

Could you please repost with a longer timeframe?

Heaps of thanks for your time

Hi @sergio Thank you for your offer to assist, I appreciate that. FYI I am running Centos server 7.8 and WHM /Cpanel v86. Also running Modsec OWASP CRS v3. I also (mostly) but not always have a htaccess basic auth set up for WordPress sites (just an extra layer of security). For some reason I don't ...

Just to comment that although this appears to be useful, it doesn't seem to work for me; I followed the instructions, then used a VPN to try to login to a wordpress site - and tried random logins 5 times to trigger the block. LFD accurately recorded the block like so: (WPLOGIN) WP Login Attack 77.zz...

Hello I have two related questions if you could answer, I would be very grateful; 1) I am using Mod security as well as CSV on my Apache Centos server. I have been getting some IPV6 attacks and mod security is adding them to the mod security block just fine - but how can I manually add the offending...

Hi all I came here looking for an answer on this matter also. The "Excessive resource usage" notifications can be a bit of a nuisance if you already know about the user / program etc. So what is the best way to curtail these based on a specific user - or perhaps increase the notification t...