BFM using csf.deny and not iptables directly

[SEO Guru]

I am wondering why Brute Force Monitor is adding entries in csf.deny instead of using csf command to ban through iptables directly. Wouldnt this be a more neat integration?

 

[SEO Guru]

By the way CSF is still good tech. Love you guys keep maintaining it. Thanks!

 

[Ohm J]

The fact, they still use the command, but only use the perm block instead of temp block when setting BFM to ban on the timing like 1hr.

 

[Richard G]

Wouldnt this be a more neat integration?

There is a choice. By default as Ohm J stated, the perm block is used.
However, you can create custom files if you want to use temporary blocks.
This requires the brute_force_notice_ip.sh and block_ip.sh in the /usr/local/directadmin/scripts/custom directory.
This will however overrule the build in section. I can give you the contents if you're interested. I also use them as I also want to decide on what to give perm blocks and how long temp blocks should be active.

 

[zEitEr]

I am wondering why Brute Force Monitor is adding entries in csf.deny instead of using csf command to ban through iptables directly. Wouldnt this be a more neat integration?

Can not say anything about the native implementation, but you might try this alternative integration:

GitHub - poralix/directadmin-bfm-csf: A set of scripts to let Brute Force Monitor in DirectAdmin to block IPs using CSF/LFD. If you need custom installation or support please feel free to request it here or on our site

A set of scripts to let Brute Force Monitor in DirectAdmin to block IPs using CSF/LFD. If you need custom installation or support please feel free to request it here or on our site - poralix/direct...

github.com

created much before than directadmin started to support CSF natively.