Search found 22 matches

by MACscr
05 Nov 2016, 20:47
Forum: General Discussion (csf)
Topic: LF_PERMBLOCK_ALERT set to 0
Replies: 4
Views: 2502

Re: LF_PERMBLOCK_ALERT set to 0

Im having the same issue. Ive done csf -r and service lfd restart. No difference.
by MACscr
19 Jan 2016, 06:38
Forum: General Discussion (csf)
Topic: CSF auto update does not trigger csfpre.sh (again)
Replies: 3
Views: 2270

Re: CSF auto update does not trigger csfpre.sh (again)

Yes, this is very frustrating and causing tons of problems for us.
by MACscr
04 Aug 2015, 22:26
Forum: General Discussion (cmc)
Topic: CMC OFF RULES for domain is not working anymore
Replies: 4
Views: 8286

Re: CMC OFF RULES for domain is not working anymore

Why not? They both simply just manage config files. I like cpanels mod_sec logging better and its vendor process and and autoupdating, but they have no user users management, which cmc is good for.
by MACscr
17 Jul 2015, 10:56
Forum: General Discussion (csf)
Topic: SMTP_ALLOWLOCAL with Webmail
Replies: 1
Views: 1430

Re: SMTP_ALLOWLOCAL with Webmail

probably not. Have you considered turning off the mail function for php for their account? That could help things. Also, if they are continually getting hacked, its probably their third party modules or themes that they are using. Are you using well maintained mod_sec rules as well? Lastly, are you ...
by MACscr
31 Dec 2014, 22:47
Forum: General Discussion (csf)
Topic: mod_sec violations not being blocked
Replies: 3
Views: 3468

Re: mod_sec violations not being blocked

Thanks for the reply and info marcele. So you are saying that modsec is just giving warnings about the hack attempt and isnt even actually denying them? Thus LFD doesnt doesnt track the attempts?
by MACscr
18 Dec 2014, 16:24
Forum: General Discussion (csf)
Topic: mod_sec violations not being blocked
Replies: 3
Views: 3468

mod_sec violations not being blocked

I am seeing the same ip showing up in my httpd error_log for numerous mod_sec violations, yet its not being blocked by CSF. I have CSF set to block after 5 errors and it is watching the correct error_log path. [Thu Dec 18 10:21:12.222145 2014] [:error] [pid 23305] [client 94.102.49.241] ModSecurity:...
by MACscr
11 Feb 2014, 16:13
Forum: General Discussion (csf)
Topic: Relay ignore ip's?
Replies: 3
Views: 2103

Re: Relay ignore ip's?

Any suggestions then? Should I just use csf.ignore?
by MACscr
11 Feb 2014, 16:01
Forum: General Discussion (csf)
Topic: Relay ignore ip's?
Replies: 3
Views: 2103

Relay ignore ip's?

Is there a way for me to ignore the ip or hostnames of our incoming anti-spam systems in LFD? I am getting relay alerts from LFD. I dont want to completely whitelist the ip from all checks, just these relay checks.
by MACscr
28 Nov 2013, 00:51
Forum: MailScanner Front-End
Topic: Issues after uninstall
Replies: 1
Views: 1748

Issues after uninstall

After uninstalling the Mailscanner Frontend and all of its components (I followed its uninstall docs), exim will no longer verified recipients. Even though I have all my default addressses setup to :fail: and I have verified that exim.conf still has require verify = recipients, its still accepting e...
by MACscr
28 Oct 2013, 18:23
Forum: General Discussion (csf)
Topic: blocking outgoing mail only to cpanel servers?
Replies: 3
Views: 2478

Re: blocking outgoing mail only to cpanel servers?

Why would i need port 25 open for incoming connections? Im not accepting incoming smtp connections except from anti spam gateway. LOL, UDP is definitely not involved here, at least not on 25.