Search found 5 matches

by Havri
25 Jan 2018, 09:38
Forum: General Discussion (cxs)
Topic: default-widgets.php
Replies: 2
Views: 1314

Re: default-widgets.php

Hello, Yes, for some time now, we get the same false positives on a lot of our Wordpress sites. This leads to error 500 on a Wordpress website. This can be temporarily resolved by putting the following line in /etc/cxs/cxs.ignore, /etc/cxs/cxs.ignore.fullscan or whatever cxs settings file you are us...
by Havri
15 Aug 2017, 15:17
Forum: General Discussion (csf)
Topic: Handling with Excessive and Suspicious processes
Replies: 1
Views: 850

Re: Handling with Excessive and Suspicious processes

Hello, Please look at the PT_USERKILL entry in /etc/csf/csf.conf, although you should first read all the documentation about this feature, as it will kill all the processes that reach the thresholds of PT_USERMEM, PT_USERTIME or PT_USERPROC. Not setting this correctly could of course result in stabi...
by Havri
15 Aug 2017, 15:10
Forum: General Discussion (csf)
Topic: How to add rule to csf.ignore
Replies: 2
Views: 1597

Re: How to add rule to csf.ignore

Hello,

You should use the pexe regex rule, like so in /etc/csf/csf.pignore:

Code: Select all

pexe:^/usr/local/lsws/bin/lshttpd.*$
Let me know if it works.

Regards.
by Havri
05 Apr 2017, 09:14
Forum: General Discussion (csf)
Topic: csf.pignore for php running under cagefs
Replies: 1
Views: 1283

Re: csf.pignore for php running under cagefs

Hello, I've just had to deal with a somewhat similar situation.. I managed to whitelist my lshttpd process with the following in my csf.pignore file: pexe:^/usr/local/lsws/bin/lshttpd\..* I don't want to whitelist every different version Please notice: 1. the caret sign at the beginning of the comma...
by Havri
05 Jan 2016, 12:43
Forum: Suggestions (cxs)
Topic: Send mail to scripts owner (victims)
Replies: 13
Views: 15558

Re: Send mail to scripts owner (victims)

Hello, I got this working by using the command: /usr/sbin/cxs --report /var/log/cxs.scan --logfile /var/log/cxs.log --mail YourLogMail@mail.com --smtp --exploitscan --virusscan --sversionscan --nobayes -I /etc/cxs/cxs.ignore --template /etc/cxs/cxs.YourTemplate --options mMOLfSGchexdnwZRD --voptions...