Search found 22 matches

by MACscr
05 Nov 2016, 20:47
Forum: General Discussion (csf)
Topic: LF_PERMBLOCK_ALERT set to 0
Replies: 4
Views: 4810

Re: LF_PERMBLOCK_ALERT set to 0

Im having the same issue. Ive done csf -r and service lfd restart. No difference.
by MACscr
19 Jan 2016, 06:38
Forum: General Discussion (csf)
Topic: CSF auto update does not trigger csfpre.sh (again)
Replies: 3
Views: 3824

Re: CSF auto update does not trigger csfpre.sh (again)

Yes, this is very frustrating and causing tons of problems for us.
by MACscr
04 Aug 2015, 22:26
Forum: General Discussion (cmc)
Topic: CMC OFF RULES for domain is not working anymore
Replies: 4
Views: 11357

Re: CMC OFF RULES for domain is not working anymore

Why not? They both simply just manage config files. I like cpanels mod_sec logging better and its vendor process and and autoupdating, but they have no user users management, which cmc is good for.
by MACscr
17 Jul 2015, 10:56
Forum: General Discussion (csf)
Topic: SMTP_ALLOWLOCAL with Webmail
Replies: 1
Views: 2526

Re: SMTP_ALLOWLOCAL with Webmail

probably not. Have you considered turning off the mail function for php for their account? That could help things. Also, if they are continually getting hacked, its probably their third party modules or themes that they are using. Are you using well maintained mod_sec rules as well? Lastly, are you ...
by MACscr
31 Dec 2014, 22:47
Forum: General Discussion (csf)
Topic: mod_sec violations not being blocked
Replies: 3
Views: 5578

Re: mod_sec violations not being blocked

Thanks for the reply and info marcele. So you are saying that modsec is just giving warnings about the hack attempt and isnt even actually denying them? Thus LFD doesnt doesnt track the attempts?
by MACscr
18 Dec 2014, 16:24
Forum: General Discussion (csf)
Topic: mod_sec violations not being blocked
Replies: 3
Views: 5578

mod_sec violations not being blocked

I am seeing the same ip showing up in my httpd error_log for numerous mod_sec violations, yet its not being blocked by CSF. I have CSF set to block after 5 errors and it is watching the correct error_log path. [Thu Dec 18 10:21:12.222145 2014] [:error] [pid 23305] [client 94.102.49.241] ModSecurity:...
by MACscr
11 Feb 2014, 16:13
Forum: General Discussion (csf)
Topic: Relay ignore ip's?
Replies: 3
Views: 3549

Re: Relay ignore ip's?

Any suggestions then? Should I just use csf.ignore?
by MACscr
11 Feb 2014, 16:01
Forum: General Discussion (csf)
Topic: Relay ignore ip's?
Replies: 3
Views: 3549

Relay ignore ip's?

Is there a way for me to ignore the ip or hostnames of our incoming anti-spam systems in LFD? I am getting relay alerts from LFD. I dont want to completely whitelist the ip from all checks, just these relay checks.
by MACscr
28 Nov 2013, 00:51
Forum: MailScanner Front-End
Topic: Issues after uninstall
Replies: 1
Views: 2953

Issues after uninstall

After uninstalling the Mailscanner Frontend and all of its components (I followed its uninstall docs), exim will no longer verified recipients. Even though I have all my default addressses setup to :fail: and I have verified that exim.conf still has require verify = recipients, its still accepting e...
by MACscr
28 Oct 2013, 18:23
Forum: General Discussion (csf)
Topic: blocking outgoing mail only to cpanel servers?
Replies: 3
Views: 4071

Re: blocking outgoing mail only to cpanel servers?

Why would i need port 25 open for incoming connections? Im not accepting incoming smtp connections except from anti spam gateway. LOL, UDP is definitely not involved here, at least not on 25.