Christmas Holiday

We will be closing our Store, Sales and Helpdesk from 17:30 Wednesday, 23rd December 2020 to 09:00 Monday, 4th January 2021. No orders, support requests or sales emails will be processed between those dates.

If you purchase a license or Service Package before the closing date and require installation, please be sure to leave at least 24 hours before then for the work to be done. Otherwise, any work will be scheduled for after this period.

Search found 22 matches

by UWH-David
06 Oct 2020, 00:53
Forum: General Discussion (csf)
Topic: Cleaner Deny Descriptions
Replies: 0
Views: 424

Cleaner Deny Descriptions

How can I change what goes into the deny lines in the csf.deny

Example:
#.#.#.# # lfd: (mod_security)
#.#.#.# # lfd: (smtpauth) Failed SMTP AUTH login from

To:
#.#.#.# # Security filter triggered
#.#.#.# # Failed SMTP Logins
by UWH-David
17 Sep 2020, 04:26
Forum: General Discussion (csf)
Topic: Messenger Not Updating
Replies: 2
Views: 171

Re: Messenger Not Updating

Flipping it back to v1 did the trick for me.
by UWH-David
17 Sep 2020, 04:20
Forum: General Discussion (csf)
Topic: Messenger Not Updating
Replies: 2
Views: 171

Re: Messenger Not Updating

and then there is this as well... --mregen MESSENGERV2 /etc/apache2/conf.d/csf_messenger.conf regeneration. This will also gracefully restart httpd csf --mregen csf - MESSENGERV2 /etc/apache2/conf.d/csf_messenger.conf regeneration: Sep 16 20:16:48 serverlfd[52333]: *MESSENGERV2*: Unable to generate ...
by UWH-David
17 Sep 2020, 04:12
Forum: General Discussion (csf)
Topic: Messenger Not Updating
Replies: 2
Views: 171

Messenger Not Updating

1 out of 10 servers updated the messenger index.recaptcha.html file. I have restarted csf, lfd, apache (v2 used), cleared caches, tried different browsers, different domain names but and yet it is still showing the default files when any host is hit at port 8888. This has been an ongoing issue since...
by UWH-David
17 Sep 2020, 01:59
Forum: General Discussion (csf)
Topic: Unable to update /etc/csf/messenger/index.html
Replies: 8
Views: 3552

Re: Unable to update /etc/csf/messenger/index.html

This has been an ongoing issue for a while now. I still encounter it from time to time even after restarting lfd and using a new private window in FireFox and a new domain name on the server.
by UWH-David
17 Sep 2020, 01:11
Forum: General Discussion (csf)
Topic: Messenger
Replies: 0
Views: 249

Messenger

I am seeing quite a few new files in the messenger directory along with an index.php which references invalid files. I understand what the .text file is for, can we get an up to date breakdown on what files are used for what now?

Thank you.
by UWH-David
28 Apr 2020, 17:58
Forum: General Discussion (csf)
Topic: SSH Distributed Attack Floods
Replies: 7
Views: 1800

Re: SSH Distributed Attack Floods

If these are all blocked ports, why would it matter?
by UWH-David
27 Apr 2020, 22:08
Forum: General Discussion (csf)
Topic: SSH Distributed Attack Floods
Replies: 7
Views: 1800

Re: SSH Distributed Attack Floods

As clearly indicated, these ports in the emails are ephemeral, and not the port SSH is on. Why is that? Hope this clarifies what I tried to wrote. The only one who knows the SSH port is you, so, hackers have to guess what port to attack. They use exploit scripts that tries to guess the SSH port and ...
by UWH-David
27 Apr 2020, 02:11
Forum: General Discussion (csf)
Topic: SSH Distributed Attack Floods
Replies: 7
Views: 1800

Re: SSH Distributed Attack Floods

This does not answer my question and seems to be missing several underlying key points. Why is this showing up in an ephemeral port range in the first place? SSH is not on a standard port as indicated and can only be hit there. It appears to be more of a case of false positives. It is because the ha...
by UWH-David
16 Apr 2020, 20:03
Forum: General Discussion (csf)
Topic: SSH Distributed Attack Floods
Replies: 7
Views: 1800

SSH Distributed Attack Floods

The latest version of configserver firewall. This one is driving me a little bonkers. We are all aware of the increase in SSH attacks lately. We run SSH on a non-standard port pretty high up but we are still seeing a MASSIVE influx of distributed SSH blocks on ports not related to our SSH port which...