Search found 1040 matches

by Sergio
06 Sep 2023, 05:51
Forum: General Discussion (csf)
Topic: Custom REGEX rules for CSF.
Replies: 92
Views: 1858641

Re: Custom REGEX rules for CSF.

Are you suffering phishing attacks with the email subject "I RECORDED YOU!" or "your account is hacked"? If you have ConfigServer MailScanner FE in your server then create an spamassassin file at: /etc/mail/spamassassin/ With the file name: blacksubjects.cf Write on that file the...
by Sergio
23 Aug 2023, 14:27
Forum: General Discussion (csf)
Topic: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
Replies: 5
Views: 1292

Re: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?

ok, for me is that this will be no logged and not reported to you, that is what you asked for on your first message:
"How can also block the logging of the above messages?"

My fault if I miss understood your request, sorry.
by Sergio
23 Aug 2023, 13:57
Forum: General Discussion (csf)
Topic: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?
Replies: 5
Views: 1292

Re: How to stop logging ICMP_IN, UDP_IN, UDP_OUT blocked messages in kern.log?

@ktp,
you wrote:
How can also block the logging of the above messages?
Well, that is exactly what you asked for:
# If a log line matches it will be ignored, otherwise it will be reported
by Sergio
21 Aug 2023, 05:36
Forum: General Discussion (csf)
Topic: How to ignore wp-toolkit process?
Replies: 13
Views: 2519

Re: How to ignore wp-toolkit process?

You can do it simpler, just write \d+ instead of [74|80|81], using \d+ you will take care of any PHP version old or future.

Happy Birthday!
by Sergio
21 Aug 2023, 05:34
Forum: General Discussion (csf)
Topic: Whtielsiting on Ubuntu Not Working
Replies: 5
Views: 1312

Re: Whtielsiting on Ubuntu Not Working

When this happens, and if cPhulk is enabled on your server, try to check if the IP is not blocked by cPhulk.
I had a similar issue and after checking everything I found that cPhulk was blocking the IPs not CSF.
by Sergio
21 Aug 2023, 05:18
Forum: General Discussion (csf)
Topic: How to ignore wp-toolkit process?
Replies: 13
Views: 2519

Re: How to ignore wp-toolkit process?

No, as you can write your regex to take care of all PHP versions in just one line.
by Sergio
12 Aug 2023, 20:45
Forum: General Discussion (csf)
Topic: How to ignore wp-toolkit process?
Replies: 13
Views: 2519

Re: How to ignore wp-toolkit process?

your email is telling that your PHP exceeded the time allowed to run
Exceeded : 1801 > 1800 (seconds)

So, with that rule you will let PHP to use the time needed.
by Sergio
12 Aug 2023, 04:07
Forum: General Discussion (csf)
Topic: How to exclude some IPs from SSH email alerts
Replies: 3
Views: 1132

Re: How to exclude some IPs from SSH email alerts

I had the same issue and what I did in cPanel was to create an email filter to delete those emails and for me that was the only way to get rid of them.
by Sergio
11 Aug 2023, 21:31
Forum: MailScanner
Topic: avoiding spoofing
Replies: 1
Views: 2589

Re: avoiding spoofing

The best way to go is to create your own SPAMASSASSIN RULE and tell your cPanel customers not to add their own domains in MailScanner WhiteList. I mean, if the hacker is impersonating you and you have your own domain in your MailScanner White List, then the spoofed email will go thru. So, if you cus...