Results 1 to 3 of 3

Thread: CSF and Blocking ports

  1. #1
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,654

    CSF and Blocking ports

    I've ask this on their forums without any luck...

    Currently, when CSF block IPs, it is a blanket block (all ports). Is there a setting to block just the port(s) that the "bad guy/girl" is attempting to brute force? I'm not keen on clients mistakenly entering, say, a wrong email password, get their IP blocked, and find out they are unable to access anything.

    Sample csf.deny entry
    Code:
    103.207.xxx.xxx # lfd: (smtpauth) Failed SMTP AUTH login from 103.207.xxx.xxx VN/Vietnam/-): 5 in the last 3600 secs - Sat Jan 13 03:59:29 2018
    But, it would be useful if it adds
    Code:
    tcp|in|d=25,587|s=103.207.xxx.xxx # lfd: (smtpauth) Failed SMTP AUTH login from 103.207.xxx.xxx VN/Vietnam/-): 5 in the last 3600 secs - Sat Jan 13 03:59:29 2018
    Regards, Peter
    UK Web Hosting - Professional & Reliable Shared and VPS Hosting! Offering DirectAdmin licences on our VPS's

  2. #2
    Join Date
    Feb 2006
    Posts
    231
    Easy, just change this setting from 0 to 1:

    Code:
    LF_SELECT =
    and read the corresponding text in the CSF file.
    Last edited by Remco00; 01-13-2018 at 08:49 AM.

  3. #3
    Join Date
    Sep 2008
    Location
    London UK
    Posts
    1,654
    Must had missed that option :/ Cheers

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •