Custom REGEX rules for CSF.

luisfalcon
Junior Member
Posts: 9
Joined: 12 Nov 2022, 18:22

Re: Custom REGEX rules for CSF.

Post by luisfalcon »

A little help here guys.

I created an extremely simple wordpress plugin that creates log of failed login attempts, this way I can target only a brute force attack and not a webmaster login into several sites in an hour for normal work (this is a server with more than a thousand wordpress sites)

I can make the log any way I want, but so far I am appending a timestamp and an the ip of the failed login attempt remote host, as an example:

failed-logins.log

Code: Select all

2022-11-12 18:14:32 192.34.9.3
2022-11-12 18:15:35 170.45.32.2
2022-11-12 18:18:25 238.170.22.1
I don't need to filter these, because ALL of them are already a failed login, so, How would a CSF rule look like?
Also, if you have any suggestion on the log format, please let me hear them.
Sergio
Junior Member
Posts: 1603
Joined: 12 Dec 2006, 14:56

Re: Custom REGEX rules for CSF.

Post by Sergio »

this forum is not for creating rules, the main purpose of this forum is to add new REGEX rules.

It will be great if you post this on the regular Config Server Firewall forum.
luisfalcon
Junior Member
Posts: 9
Joined: 12 Nov 2022, 18:22

Re: Custom REGEX rules for CSF.

Post by luisfalcon »

I will, thank you
Post Reply