Search found 17 matches
- 21 Feb 2014, 02:22
- Forum: General Discussion (csf)
- Topic: wordpress "wp-login.php" attacks
- Replies: 2
- Views: 5979
Re: wordpress "wp-login.php" attacks
Hi I use 2 methods together for this problem, a wordpress plugin called limit-login-attempts and a htaccess file setup to stop any login attempt that is not refered from a hidden link page on the site, this stops scripts from direct accessing the login page. CSF is not used, wordpress is attacked so...
- 19 Feb 2014, 13:08
- Forum: General Discussion (csf)
- Topic: Email server botnet attacks
- Replies: 2
- Views: 3987
Re: Email server botnet attacks
Hi I have LF_DISTATTACK and and LF_SMTPAUTH SSL isn't really a option my customers are mostly computer illiterate and would panic. My problem has been that the number of IPs in the botnet exceeds what the firewall could handle so as new bot IPs were added to the block list other bots were dropped of...
- 19 Feb 2014, 08:35
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
DA has Brute Force Monitor
http://directadmin.com/features.php?id=1227
With csf
http://forum.directadmin.com/showthread.php?t=44839
http://directadmin.com/features.php?id=1227
With csf
http://forum.directadmin.com/showthread.php?t=44839
- 19 Feb 2014, 08:23
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
Unfortunately I have no experience with DA
you may have to open a support ticket .
you may have to open a support ticket .
- 19 Feb 2014, 07:58
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
Its not part of the firewall look in Cpanel security menu 3rd section from top cphulk default settings are ok for most of the time, but when a attack starts filling the fire wall too quickly, the settings below work for me but you must whitelist your ip. IP Based Brute Force Protection Period in min...
- 19 Feb 2014, 07:28
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
You may have to wait until someone with more knowledge than me to answer In the mean time if this is a major worry My suggestion is to use cphulk as well as csf and whitelist your ip address in cphulk then tighten the cphulk settings I have had large botnet attacks and the combination of cphulk and ...
- 19 Feb 2014, 06:32
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
That is strange then A firewall that doesn't block ips is just a log that will make you paranoid. I know it a stupid question but at the top of firewall configuration is TESTING set to 0 and did you restart csf after adding ips. Other settings that could be the problem are in the Login Failure Block...
- 19 Feb 2014, 06:10
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
Check the number of denied ips in csf frontend
then to see if it up to the limit
click firewall configuration
in the dropdown box at the top choose general settings
scroll down to DENY_IP_LIMIT , the default is 200
I don't use more than 500 if I can avoid it.
then to see if it up to the limit
click firewall configuration
in the dropdown box at the top choose general settings
scroll down to DENY_IP_LIMIT , the default is 200
I don't use more than 500 if I can avoid it.
- 19 Feb 2014, 06:00
- Forum: General Discussion (csf)
- Topic: new attacks from banned IPs
- Replies: 20
- Views: 25215
Re: new attacks from banned IPs
It must be a csf setting
what is your permanent deny limit set to.
what is your permanent deny limit set to.
- 19 Feb 2014, 04:43
- Forum: General Discussion (csf)
- Topic: What does it mean by "POPRELAY limit"
- Replies: 3
- Views: 4656
Re: What does it mean by "POPRELAY limit"
One of you users has sent a email with over 100 cc or bcc email recipient addresses