CIDR block denied still triggers temp IP blocking emails

wolf
Junior Member
Posts: 51
Joined: 13 Jul 2007, 14:19


Post by wolf »

I have noticed that when a CIDR address (e.g. 67.210.3.1/24) is blocked in the csf deny list, continued hammering by IPs within that subnet still triggers the csf temp ban emails. (E.g. 67.210.3.66 and 67.210.3.69 will trigger temp bans if hammering even after the subnet is denied.)

This could give an attacker a way to flush out the temp ban list even if the "flushing" subnet has been permanently banned.
using centos enterprise 4.x
apache 2.x
cpanel 11.x
chirpy
Moderator
Posts: 3537
Joined: 09 Dec 2006, 18:13

Post by chirpy »

What setting do you have for DROP_IP_LOGGING? It should be set to 0.
wolf
Junior Member
Posts: 51
Joined: 13 Jul 2007, 14:19

Post by wolf »

Oh ok, I see now lol.
I had DROP_IP_LOGGING set to 1 just so we could see if one of our clients custom apps might require a specific port. I guess we will just put up with the numerous emails for now :)
Thanks chirpy