Search found 7 matches

by tvc
23 Aug 2019, 20:19
Forum: General Discussion (csf)
Topic: csf suddenly stops blocking traffic -- all ports open
Replies: 1
Views: 2390

Re: csf suddenly stops blocking traffic -- all ports open

Could really use some help on this folks. It is consistently an issue across multiple servers.

Thanks!
by tvc
20 Aug 2019, 19:04
Forum: General Discussion (csf)
Topic: csf suddenly stops blocking traffic -- all ports open
Replies: 1
Views: 2390

csf suddenly stops blocking traffic -- all ports open

Hi, We've been having some issues the last couple months with quite a few servers, suddenly ssh is open and we are receiving reports of tons of root login attempts. reloading csf with 'csf -r' OR rebooting resolves the issue an nmap of the server will show all ports open, as if no firewall is runnin...
by tvc
30 Mar 2018, 18:45
Forum: Suggestions (cxs)
Topic: Better CXS Control UI
Replies: 1
Views: 6902

Re: Better CXS Control UI

The new interface is quite confusing actually. I wonder what triggered this "dumb down" approach? I mean the only ones really using it are geeks like us - and we certainly don't need a "Wizard." Is there a summary page or post describing the new layout, differences, advantages, e...
by tvc
25 Jan 2018, 14:57
Forum: General Discussion (cxs)
Topic: default-widgets.php
Replies: 2
Views: 3779

Re: default-widgets.php

Hmm, oddly my install across many servers is not picking that up or doing a quarantine on it this month.
by tvc
07 Dec 2017, 21:38
Forum: General Discussion (cxs)
Topic: default-widgets.php
Replies: 2
Views: 3779

default-widgets.php

Getting lots of what appear to be false positives on the WordPress file:
default-widgets.php
since the WordPress 4.9.1 update.

as:
ClamAV detected virus = [Html.Trojan.Hidelink-6390190-0]

Anyone else noticing this as well?

Thanks all!
by tvc
06 Apr 2015, 16:55
Forum: General Discussion (cxs)
Topic: How to quarantine specific signatures?
Replies: 2
Views: 3987

How to quarantine specific signatures?

Hi folks, Quarantine works well enough against the clamav stuff, though question. If I know a hacker is uploading a particular script, like one with this text I've added to extras now: regall:POST\[\'veio\'\] Is there a way to tell quarantine to auto quarantine files with "my" specific sig...
by tvc
05 Feb 2014, 19:09
Forum: General Discussion (cxs)
Topic: cPanel - Pure-FTPD stops working when UploadScript enabled
Replies: 2
Views: 4513

cPanel - Pure-FTPD stops working when UploadScript enabled

Hi, We've been running into this issue for at least the last year now, and it appears the old post regarding this issue has disappeared, so I figured we would bring it back to your attention. We run cPanel on all of our servers, we have CXS on about 10-15 of them. Sometimes pure-ftpd will randomly s...