Search found 80 matches
- 04 Sep 2019, 07:20
- Forum: General Discussion (csf)
- Topic: Exclude host from relay alert
- Replies: 3
- Views: 3639
Re: Exclude host from relay alert
That's helpful to know. Thanks for sharing!
- 03 Sep 2019, 06:51
- Forum: General Discussion (csf)
- Topic: Custom REGEX rules for CSF.
- Replies: 93
- Views: 2028215
Re: Custom REGEX rules for CSF.
Block SMTP Probes. The following custom REGEX rules are designed to block the IP of probes on your SMTP. Check the exact verbiage of your log entries. Adjust trigger and temp/perm result to taste. # dropped: too many unrecognized commands # 1 try; 1 day ban # CUSTOM1_LOG = "/var/log/exim_rejec...
- 03 Sep 2019, 06:38
- Forum: General Discussion (csf)
- Topic: Custom REGEX rules for CSF.
- Replies: 93
- Views: 2028215
Re: Custom REGEX rules for CSF.
Block junkmailers before they SPAM again. The following custom REGEX rule is designed to block the IP of any mailer triggering a [Spamassassin] filter, preventing the mailer from sending subsequent messages. Works with any spam filter – check the exact verbiage of your log entries. Adjust trigger a...
- 03 Sep 2019, 06:24
- Forum: General Discussion (csf)
- Topic: Custom REGEX rules for CSF.
- Replies: 93
- Views: 2028215
Re: Custom REGEX rules for CSF.
Import DNS-based RBLs in to CSF – one block at a time. Most RBLs are available only via DNS and few have a download option needed for CSF import. The following custom REGEX rule is designed to block the IP of any mailer triggering an RBL block preventing the mailer from sending subsequent messages....
- 03 Sep 2019, 00:40
- Forum: General Discussion (csf)
- Topic: LFD fails to block spamming of 'dovecot_login authenticator failed for...'
- Replies: 1
- Views: 3518
Re: LFD fails to block spamming of 'dovecot_login authenticator failed for...'
These failed login attempts can be annoying. I also use CentOS 7 but with cPanel. The cPHulk Brute Force Protection is effective at catching these, but it still fills the logs. Recently, I enabled custom regex rules to address this very situation. See /usr/local/csf/bin/regex.custom.pm for details, ...
- 31 Aug 2019, 07:56
- Forum: Report Bugs (csf)
- Topic: Javascript Error in DisplayUI.pm during Search System Logs
- Replies: 1
- Views: 5052
Javascript Error in DisplayUI.pm during Search System Logs
On v13.06 Search System Logs page, a javascript error is produced in all cases due to the lack of the timer pause button id="CSFpauseID" . While the pause button is omitted, the rest of the timer code is running and cannot set the missing timer button. csf.cgi:2284 Uncaught TypeError: Cann...
- 30 Aug 2019, 07:28
- Forum: Suggestions (csf)
- Topic: No entries found for ASN zone – change in data source
- Replies: 2
- Views: 5784
Re: No entries found for ASN zone – change in data source
Thank you for the information. There is no doubt that the code in csf is expecting the ASN to be listed in ASnnnn format. That is how I read it as well. There does appear to be doubt about the expected format of the ASN data provided in the GeoLite2 ASN CSV Database. This week's file provides the AS...
- 29 Aug 2019, 00:41
- Forum: Suggestions (csf)
- Topic: No entries found for ASN zone – change in data source
- Replies: 2
- Views: 5784
No entries found for ASN zone – change in data source
Today I was delighted to realize that one can enter ASNs in the firewall and the respective ranges will be looked up and added. I had been looking up and adding ranges manually which is quite time consuming. But I was disappointed when it didn't work: Aug 28 15:43:28 server lfd[31789]: CC: Retrievin...
- 23 Aug 2019, 08:28
- Forum: General Discussion (csf)
- Topic: Configuring MySQL Data Collection
- Replies: 0
- Views: 2797
Configuring MySQL Data Collection
Could someone kindly point me in the direction of more information regarding the MySQL Data Collection feature? It looks like an interesting feature, based on the description in the config, but it doesn't provide much detail and I'm having configuration challenges. ST_MYSQL = The following options a...
- 23 Aug 2019, 08:04
- Forum: Suggestions (csf)
- Topic: Disable Auto-Refresh in Watch System Logs
- Replies: 0
- Views: 5041
Disable Auto-Refresh in Watch System Logs
When the Watch System Logs page loads, the refresh function is automatically set to five seconds. I rarely find the auto-refresh helpful as I typically am scrolling up through the logs and lose my place when it refreshes. I've been wanting a feature request for a switch to disable the auto-refresh e...