ConfigServer Community Forum

seco

Hi,

I configured CSF to block all IPs expect my IP and everything is working perfectly.
Now, my question can I check those blocked IPs. As far as I know, they are dropped so there would be no log.

Regards,

seco

Hi, I noticed that after this latest update many requests return 520 error especially any page or file behind wp-includes This issue only appeared after the latest update (14.01)!! I didn't change anything on the server. The only thing changed is the CSF update. Note: The entire website works well a...

seco

Hello,

Can I Block POST request if it contains a specific word or some words?

Regards,
Moderated Message:

Please do not bump threads

seco

Hello, I'm using this regex to block wp-login.php POST requests on /etc/csf/regex.custom.pm: if (($globlogs{CUSTOM2_LOG}{$lgfile}) and ($line =~ /(\S+).*] "POST \/wp-login\.php.*" 200/)) { return ("Failed WordPress login from",$1,"wordpress","5","80,443&q...

seco

Hi
I've tried many ModSec attacks (SQL injections) on my server to see if the IP will be blocked but noting blocked.
I saw apache log, it contains all the attempts from my IP.
csf.conf contains:

LF_MODSEC_PERM=1
LF_MODSEC=1

How to block the attacking IP?
Thanks in advance.

seco

one last question
now if any changes made to the file so it can now uploaded so is there any other effective method to identify the file ?

seco

you answer is really insanely awesome like the product
really awesome !!
i'll try it
thanks in advance.

seco

Hi
Can i add new Fingerprint not included in cxs scanner so any one will upload that shell will be quarantined as others
thanks in advance.

ConfigServer Community Forum

Search found 8 matches

Can I see a log of blocked (dropped) connections?

Requests in WordPress wp-includes return 520 error

Block POST requests if it contains a specific word

Custom regex not working

CSF not blocking IPs

Re: add Fingerprint for new PHP shell

Re: add Fingerprint for new PHP shell

add Fingerprint for new PHP shell