LawsHosting
Verified User
I've ask this on their forums without any luck...
Currently, when CSF block IPs, it is a blanket block (all ports). Is there a setting to block just the port(s) that the "bad guy/girl" is attempting to brute force? I'm not keen on clients mistakenly entering, say, a wrong email password, get their IP blocked, and find out they are unable to access anything.
Sample csf.deny entry
But, it would be useful if it adds
Currently, when CSF block IPs, it is a blanket block (all ports). Is there a setting to block just the port(s) that the "bad guy/girl" is attempting to brute force? I'm not keen on clients mistakenly entering, say, a wrong email password, get their IP blocked, and find out they are unable to access anything.
Sample csf.deny entry
Code:
103.207.xxx.xxx # lfd: (smtpauth) Failed SMTP AUTH login from 103.207.xxx.xxx VN/Vietnam/-): 5 in the last 3600 secs - Sat Jan 13 03:59:29 2018
Code:
tcp|in|d=25,587|s=103.207.xxx.xxx # lfd: (smtpauth) Failed SMTP AUTH login from 103.207.xxx.xxx VN/Vietnam/-): 5 in the last 3600 secs - Sat Jan 13 03:59:29 2018