Search found 19 matches
- 14 Jan 2015, 15:03
- Forum: General Discussion (csf)
- Topic: Drupal / Wordpress and other cms protection
- Replies: 4
- Views: 4039
Re: Drupal / Wordpress and other cms protection
In the wordpress scenario, fail2ban is just the name of a wp plugin to write login attempts to syslog... fail2ban itself is not actually being used. Ultimately, you can point a custom regex in LFD to monitor any log you like, and act upon that.
- 14 Jan 2015, 14:59
- Forum: General Discussion (csf)
- Topic: csf.pignore ignore settings
- Replies: 1
- Views: 3832
Re: csf.pignore ignore settings
I think you also have to restart LFD
service lfd restart
service lfd restart
- 14 Jan 2015, 14:03
- Forum: General Discussion (csf)
- Topic: Drupal / Wordpress and other cms protection
- Replies: 4
- Views: 4039
Re: Drupal / Wordpress and other cms protection
Here's the wordpress info
viewtopic.php?f=6&t=6663&p=23704
viewtopic.php?f=6&t=6663&p=23704
- 14 Jan 2015, 13:47
- Forum: General Discussion (csf)
- Topic: Drupal / Wordpress and other cms protection
- Replies: 4
- Views: 4039
Re: Drupal / Wordpress and other cms protection
For wordpress, there is a fail2ban plugin, which will write wordpress failed logins to your system log. You can then use a custom regex in CSF/LFD to block them. Search the forums here. There is an example, specifically for this scenario, that works just fine. There is also a sticky post at the top ...
- 14 Jan 2015, 13:40
- Forum: General Discussion (csf)
- Topic: Major system emails generated
- Replies: 6
- Views: 6353
Re: Major system emails generated
Same for me on a brand new CentOS 6.5 server. I've installed CSF on several servers in the past, and have never seen anything like this 600 emails overnight, reporting apache, postfix, and more... all seemingly legitimate. I've never had to specifically ignore any processes before.
- 27 Nov 2014, 19:19
- Forum: General Discussion (csf)
- Topic: Custom REGEX rules for CSF.
- Replies: 93
- Views: 2017221
Re: Custom REGEX rules for CSF.
Deleted
- 27 Nov 2014, 19:18
- Forum: General Discussion (csf)
- Topic: regex.custom.pm for WordPress wp-login brute force
- Replies: 4
- Views: 8363
Re: regex.custom.pm for WordPress wp-login brute force
Not sure what I was doing wrong the other day, but this is working now.
- 25 Nov 2014, 15:00
- Forum: General Discussion (csf)
- Topic: Custom REGEX rules for CSF.
- Replies: 93
- Views: 2017221
Re: Custom REGEX rules for CSF.
Deleted
- 18 Nov 2014, 19:01
- Forum: General Discussion (csf)
- Topic: regex.custom.pm for WordPress wp-login brute force
- Replies: 4
- Views: 8363
Re: regex.custom.pm for WordPress wp-login brute force
Hi, Is there something I need to do to enable the custom regex? I have installed "WP fail2ban". I have verified that failed logins are being written to /var/log/messages. I have added the regex if (($lgfile eq $config{CUSTOM1_LOG}) and ($line =~ /Authentication failure for (\S+) from ([\d....