ConfigServer Community Forum

Where in your error line is the " \[ " ? The line that you are showing has: 1392714132.861 0 1.2.3.4 TCP_DENIED/407 3922 CONNECT google.com:443 username HIER_NONE/- text/html So, the regex don't need any "\[" nor "\]" that doesn't exist. The regex should be something li...

My purpose is to only allow 1 country, and drop all others to FTP access. Well, in that case you can do to grant access to port 21 to only one country, use: CC_ALLOW_PORTS = US CC_ALLOW_TCP = 21 CC_ALLOW_UDP = 21 "An example would be to list port 21 here and remove it from TCP_IN/UDP_IN then o...

Read:

http://blog.configserver.com/?p=2113

Wilhelm,
instead of blocking all that countries, why don't you remove port 21 from TCP/UPD IN/OUT and creates the rules needed for the only IP that will be accessing your FTP port?

Just my 2 cents.

did you restarted sshd for the changes to take effect?

Hi soupn, yes, we have created a system that does the following: 1. Check CSF for any of our rules are triggered. 2. If the IP trigger any of our rules the IP is blocked in CSF deny. 3. A cron is executed every few minutes and checks the IPs that has been blocked. 4. If the IP is from countries that...

Thanks! I have done that, appreciated.

Sergio

Once again, my question, is ok to clean csf.tempip? I don't need any IPs that are there. Or is there a clean utility among CSF to clean that type of files?

Sergio

port 25 is needed for you to send emails, if you use your server to send/receive emails you can't block this port. If you don't use your server for any email activity then you can disable it, just go to your CSF configuration a delete port 25 and see if that helps you. Another approach is to create ...

Hi debug, this type of activity is very common, and you can't block or disable port 25 just because of this. I have created a rule in CSF to block all the IPs, that the set_id is set to different words like "jobs" in this case. If you want to see how many word has been trying to access you...