Search found 7 matches

by solokron
03 May 2020, 22:48
Forum: General Discussion (csf)
Topic: Block ssh login alerts for some cpanel users
Replies: 2
Views: 1047

Re: Block ssh login alerts for some cpanel users

Why not just add the username to the csf.pignore file?
user:theusername
by solokron
26 Nov 2014, 00:40
Forum: MailScanner
Topic: Updated MailScanner and No Longer Functioning
Replies: 1
Views: 2069

Updated MailScanner and No Longer Functioning

Just updated to the latest versions via the front end and now spam is getting through. Anyone else encounter this? Status and logs look fine but it appears it is no longer assigning scores when it should.
by solokron
14 Oct 2014, 02:10
Forum: General Discussion (cxs)
Topic: Avoid daily alert messages for World writeable directory
Replies: 1
Views: 2073

Re: Avoid daily alert messages for World writeable directory

I would really like to know this as well. I do not care about world writable directories or ms windows binarys.
by solokron
31 Jul 2014, 22:46
Forum: General Discussion (cxs)
Topic: WordFence Falcon Engine ignore
Replies: 4
Views: 4076

Re: WordFence Falcon Engine ignore

For a product I paid for I'd think some form a response is not much to ask.
by solokron
30 Jul 2014, 02:02
Forum: General Discussion (cxs)
Topic: WordFence Falcon Engine ignore
Replies: 4
Views: 4076

Re: WordFence Falcon Engine ignore

Is it possible to perform a global */directory/* ignore?
by solokron
26 Jul 2014, 07:10
Forum: General Discussion (cxs)
Topic: WordFence Falcon Engine ignore
Replies: 4
Views: 4076

WordFence Falcon Engine ignore

With the popularity of WordFence I am seeing more and more of these. My ignore does not seem to work. What is the proper ignore rule for ignoring the wfcache folder globally? cxswatch Scanning /home/username/public_html/wp-content/wfcache/www.domain.com_article # Suspicious directory: '/home/usernam...
by solokron
29 Jan 2014, 16:27
Forum: General Discussion (cxs)
Topic: Botnet Script Detection
Replies: 3
Views: 3781

Botnet Script Detection

We have cxs and configserver running on a server and received the following from abuseeat.org. I am running the latest versions. Any recommend way to track down this script? I have grepped all files in /var/log/ but have found no occurrence of the IP 87.255.51.229 listed. The system runs Apache in r...