Search found 1040 matches
- 06 Sep 2023, 05:51
- Forum: General Discussion (csf)
- Topic: Custom REGEX rules for CSF.
- Replies: 92
- Views: 1940240
Re: Custom REGEX rules for CSF.
Are you suffering phishing attacks with the email subject "I RECORDED YOU!" or "your account is hacked"? If you have ConfigServer MailScanner FE in your server then create an spamassassin file at: /etc/mail/spamassassin/ With the file name: blacksubjects.cf Write on that file the...
- 23 Aug 2023, 14:27
- Forum: General Discussion (csf)
- Topic: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
- Replies: 5
- Views: 1320
Re: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
ok, for me is that this will be no logged and not reported to you, that is what you asked for on your first message:
"How can also block the logging of the above messages?"
My fault if I miss understood your request, sorry.
"How can also block the logging of the above messages?"
My fault if I miss understood your request, sorry.
- 23 Aug 2023, 13:57
- Forum: General Discussion (csf)
- Topic: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
- Replies: 5
- Views: 1320
Re: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
@ktp,
you wrote:
# If a log line matches it will be ignored, otherwise it will be reported
you wrote:
Well, that is exactly what you asked for:How can also block the logging of the above messages?
# If a log line matches it will be ignored, otherwise it will be reported
- 21 Aug 2023, 05:36
- Forum: General Discussion (csf)
- Topic: How to ignore wp-toolkit process?
- Replies: 13
- Views: 2568
Re: How to ignore wp-toolkit process?
You can do it simpler, just write \d+ instead of [74|80|81], using \d+ you will take care of any PHP version old or future.
Happy Birthday!
Happy Birthday!
- 21 Aug 2023, 05:34
- Forum: General Discussion (csf)
- Topic: Whtielsiting on Ubuntu Not Working
- Replies: 5
- Views: 1334
Re: Whtielsiting on Ubuntu Not Working
When this happens, and if cPhulk is enabled on your server, try to check if the IP is not blocked by cPhulk.
I had a similar issue and after checking everything I found that cPhulk was blocking the IPs not CSF.
I had a similar issue and after checking everything I found that cPhulk was blocking the IPs not CSF.
- 21 Aug 2023, 05:25
- Forum: General Discussion (csf)
- Topic: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
- Replies: 5
- Views: 1320
Re: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kernel.log?
Have you tried to add them to /etc/csf/csf.logignore
Sergio
Sergio
- 21 Aug 2023, 05:18
- Forum: General Discussion (csf)
- Topic: How to ignore wp-toolkit process?
- Replies: 13
- Views: 2568
Re: How to ignore wp-toolkit process?
No, as you can write your regex to take care of all PHP versions in just one line.
- 12 Aug 2023, 20:45
- Forum: General Discussion (csf)
- Topic: How to ignore wp-toolkit process?
- Replies: 13
- Views: 2568
Re: How to ignore wp-toolkit process?
your email is telling that your PHP exceeded the time allowed to run
Exceeded : 1801 > 1800 (seconds)
So, with that rule you will let PHP to use the time needed.
Exceeded : 1801 > 1800 (seconds)
So, with that rule you will let PHP to use the time needed.
- 12 Aug 2023, 04:07
- Forum: General Discussion (csf)
- Topic: How to exclude some IPs from SSH email alerts
- Replies: 3
- Views: 1138
Re: How to exclude some IPs from SSH email alerts
I had the same issue and what I did in cPanel was to create an email filter to delete those emails and for me that was the only way to get rid of them.
- 11 Aug 2023, 21:31
- Forum: MailScanner
- Topic: avoiding spoofing
- Replies: 1
- Views: 2608
Re: avoiding spoofing
The best way to go is to create your own SPAMASSASSIN RULE and tell your cPanel customers not to add their own domains in MailScanner WhiteList. I mean, if the hacker is impersonating you and you have your own domain in your MailScanner White List, then the spoofed email will go thru. So, if you cus...