Ips blocking
- Thread starter hmaddy
- Start date
Richard G
Verified User
Check your brute force manager, because if they get into the ip_blacklist of DA, it's DA's BFM which is putting them there.
I think I already answered that recently to you, could be mistaken.
I think I already answered that recently to you, could be mistaken.
yeah, its due to brute force. But its happens to all visitors of all accounts in a server. so i cant find out the root cause of this issue.
Richard G
Verified User
Please don't quote full posts, the reply button is in fact a quote full post button, so better not use it. 
The root cause is mentioned in the Brute Force Monitor part in Directadmin.
What you will see in the Brute Force Manager is user, attempts, filter etc. and with filter it will probably be Exim or Dovecot and you will see lines like this:
these are not visitors, these are hackers bruteforcing customers mail passwords.
You might want to post a part from your Brute Force Manager log, if it looks different then this so we can see.
But I hardly think there are visitors being blocked.
The root cause is mentioned in the Brute Force Monitor part in Directadmin.
What you will see in the Brute Force Manager is user, attempts, filter etc. and with filter it will probably be Exim or Dovecot and you will see lines like this:
Code:
2022-02-22 14:36:53 login authenticator failed for ([127.0.0.1]) [160.242.113.91]: 535 Incorrect authentication data (set_id=developers)You might want to post a part from your Brute Force Manager log, if it looks different then this so we can see.
But I hardly think there are visitors being blocked.