ConfigServer Community Forum

Go to firewall profiles and choose a preset profile. Set it for protection-high ensure that it's taken out of test mode. I don't recall exactly where this is, but it may be the first line in the config section. stop and start CSF. This will give you a very good starting point, it's then just a matte...

is it possible to create custom rules.

eg, if someone was to try and access a folder on a domain that you didn't want accessed, they would be blocked.

If this is a Cpanel/WHM server, is the IP whitelisted in CPHULK or Host Access Control

Thanks for that.

Something which would block this:

2015-02-20 14:16:45 H=(spammer.co.uk) [68.153.70.230]:12837 F=<wendy@spammer.co.uk> rejected RCPT <c.tetlow@mydomain.com>: Sender verify failed

I don't know where to start here, so maybe someone could point me in the right direction. Some spam emails are being sent to users who do not exists, and there seems to be a pattern. tony-at-mydomain.com, alesnn-at-mydomain.com, there are about 10 or 15 which occur quite frequently. These get bounce...

OK. considering I got no answer.
What maximum values are others using in "Deny_IP_Limit"

Why would you want to flush all blocks. Lets assume block 1 was 4 weeks old and block 999 only 2 minutes old. If you flushed all blocks, then the hacker who was block number 999 could have another go at you. As it stands now, number 1 would be flushed and number 999 would be denied for another 4 wee...

Check "Deny server Ip's" button and then flush all blocks ?

When you say nothing has changed on the server.
11.48.12 was only released on the 16th, when was your update performed ?

In CSF, choose firewall profiles and select "protection high"
When done, ensure CSF is taken out of test mode. I can't remember exactly where this is, but it's not too difficult to find.

Then it's a matter of fine tuning to suit your requirements