Webmail bruteforce protection

sufiyanshaikh

Verified User
Joined
Aug 14, 2019
Messages
181
Hello,

I am facing brute force attack on webmail
How to add limits on incorrect login?
I already have CSF installed but the block is not working.
Please help
 
CSF should auto-block these. Is DirectAdmin enabled in csf.conf options?
 
Code:
grep "^DIRECTADMIN =" /etc/csf/csf.conf
I think LFD not scan in /var/www/html/roundcube/logs/errors

they have login fail log but LFD not scan
this is bug ?

in BFW it log likely
Code:
 imap-login: Disconnected (auth failed, 1 attempts in 2 secs): user=<test>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1

while in roundcube log is
Code:
IMAP Error: Login failed for test against localhost from ...


====UPDATE
this is bug of roundcube while roundcube log is : errors.log
and while csf scan file is : errors
 
Last edited:
Thanks for the report. Issue found/fixed. Caused by RC 1.4 update, changing where the log errors to.
Was "errors" now goes to "errors.log". Changed the internal default:

Pre-release binaries are now up, but will be pushing 1.61.3 very shortly to address the issue.

John
 
Thanks for the report. Issue found/fixed. Caused by RC 1.4 update, changing where the log errors to.
Was "errors" now goes to "errors.log". Changed the internal default:

Pre-release binaries are now up, but will be pushing 1.61.3 very shortly to address the issue.

John


Thanks John. I appreciate it
 
Back
Top