Search found 5 matches
- 25 Jan 2018, 09:38
- Forum: General Discussion (cxs)
- Topic: default-widgets.php
- Replies: 2
- Views: 3929
Re: default-widgets.php
Hello, Yes, for some time now, we get the same false positives on a lot of our Wordpress sites. This leads to error 500 on a Wordpress website. This can be temporarily resolved by putting the following line in /etc/cxs/cxs.ignore, /etc/cxs/cxs.ignore.fullscan or whatever cxs settings file you are us...
- 15 Aug 2017, 15:17
- Forum: General Discussion (csf)
- Topic: Handling with Excessive and Suspicious processes
- Replies: 1
- Views: 2829
Re: Handling with Excessive and Suspicious processes
Hello, Please look at the PT_USERKILL entry in /etc/csf/csf.conf, although you should first read all the documentation about this feature, as it will kill all the processes that reach the thresholds of PT_USERMEM, PT_USERTIME or PT_USERPROC. Not setting this correctly could of course result in stabi...
- 15 Aug 2017, 15:10
- Forum: General Discussion (csf)
- Topic: How to add rule to csf.ignore
- Replies: 2
- Views: 4445
Re: How to add rule to csf.ignore
Hello,
You should use the pexe regex rule, like so in /etc/csf/csf.pignore:
Let me know if it works.
Regards.
You should use the pexe regex rule, like so in /etc/csf/csf.pignore:
Code: Select all
pexe:^/usr/local/lsws/bin/lshttpd.*$
Regards.
- 05 Apr 2017, 09:14
- Forum: General Discussion (csf)
- Topic: csf.pignore for php running under cagefs
- Replies: 1
- Views: 2851
Re: csf.pignore for php running under cagefs
Hello, I've just had to deal with a somewhat similar situation.. I managed to whitelist my lshttpd process with the following in my csf.pignore file: pexe:^/usr/local/lsws/bin/lshttpd\..* I don't want to whitelist every different version Please notice: 1. the caret sign at the beginning of the comma...
- 05 Jan 2016, 12:43
- Forum: Suggestions (cxs)
- Topic: Send mail to scripts owner (victims)
- Replies: 13
- Views: 33768
Re: Send mail to scripts owner (victims)
Hello, I got this working by using the command: /usr/sbin/cxs --report /var/log/cxs.scan --logfile /var/log/cxs.log --mail YourLogMail@mail.com --smtp --exploitscan --virusscan --sversionscan --nobayes -I /etc/cxs/cxs.ignore --template /etc/cxs/cxs.YourTemplate --options mMOLfSGchexdnwZRD --voptions...