ConfigServer Community Forum

This type of attack is very common, some hackers tries to get access to the email account if your CSF doesn't block the IP they will keep trying to find the password or if the computer has a virus, it will get the password and send it to a hacker. If the access to the account is granted, the hacker ...

It means that the email account is under attack and a lot of hackers are trying to access it and CSF has blocked that IPs.

Check if the email account is not sending spam and if so, then change the password of the account ASAP.

CSF can't block scripts or web pages, it only blocks IPs.

In order to know what is going on with that file, go to SEARCH SYSTEM LOGS and grep for configproducts.php and check all the errors in there and post info gathered from there.

Using CXS is the best way of blocking this. CXS checks every file uploaded to the server and deletes the file on the fly.

Sergio

Add 1+ vote for this.

Me, too

Hope I didn't confuse cornish with my post.

Best Regards,

Sergio

Try to customize the message EXIM send to the user, follow this link:
http://www.exim.org/exim-html-current/d ... sages.html

You can modify EXIM in WHM using the advance editor.

Sergio

Hi now and then i get an email saying Please use the following links to add to the black list: and says single IP then 24 and 16 can someone tell me where to add them please. FYI this email is NOT coming from csf, it is probably from cphulk. If you are using both it can get confusing when someone i...

That depends on what you want to do, you can add it to QUICK DENY or TEMPORARILY ACCESS/DENY buttons, or you can add them to your own CSF GLOBAL DENY file. What IP address to use, again, depends on what you want to do, single IP address, /24 range or /16 range. /24 is used in most cases but /16 is m...

Great sawbuck!
That is a good solution for MSFE, hope Sarah adds this on the next MailScanner update, so, all the domains added in MSFE white list could be added automatically to the skiprbldomains file.

Sergio