CSF / LFD с CloudLinux
Форум
  1. Forums
  2. General
  3. General Discussion
  1. tim Schoondergang
  2. Friday, 14 November 2014
  3.  Subscribe via email
sshd detection?
Rate this post:
  1. 14.11.2014 03:11:15
  2. # 1
tim Schoondergang Accepted Answer
Posts: 11
Joined: 14.11.2014
0
Votes
Undo
We have convert 2 servers from CentOS 6 with cPanel, Jailshell, CSF/LFD, ModSec and some extra security tools to CloudLinux.

But now we see that LFD doesn\'t show us sshd failed login attemps as it did before. And it doesn\'t block any failed login attemps as it did before.

Did we made an error in configuring CSF/CloudLinux?

Or don\'t this combination work?

(Just in case: We need to have sshd on 22 for some of our clients.)
  1. 14.11.2014 07:11:52
  2. # 2
Hostking Accepted Answer
Posts: 38
Joined: 07.11.2012
0
Votes
Undo
Works fine for us :) You may need to just check the config of your CSF setup.

Look at the RESTRICT_SYSLOG setting which causes it not to use the individual app limit blocks below.

We set ours on 2 for some servers and it works great.
  1. 14.11.2014 07:11:22
  2. # 3
tim Schoondergang Accepted Answer
Posts: 11
Joined: 14.11.2014
0
Votes
Undo
We also have the RESTRICT_SYSLOG on 2.

It works for ftp and imap/pop3 but the sshd failed login will not be detected.

We know there they try to login, because one ip below and up of those cloudserver servers they are detected
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
гость
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.