How to avoid LFD to send e-mail on incorrect access to SSH

desytec

• July 29, 2020 16:56

Hello, I am receiving a lot of mails of this kind: lfd on vps.xxx.com: WHM/cPanel root access alert from yyy.yyy.yyy.yyy (CL/Chile/-) ----> This is my own connection to WHM. I don't know why I receive that e-mail. Also... a lot of wrong accesses to SSH from all over the word (hackers for sure). How can I avoid the reception of such mails? In "ConfigServer Security & Firewall" page of WHM, there are some LFD settings but I am not sure which one I should modify. Regards Jaime

• 

  hmaddy

  • July 29, 2020 22:16

  Steps to disable all LFD email Alerts. 1) Login to WHM. 2) Navigate to "ConfigServer Security & Firewall" under "Plugin" section. 3) Click on "Firewall Configuration" button to edit the CSF configuration file. 4) Search for "LF_EMAIL_ALERT" on the configuration file and change it from "On" to "Off" button. 5) Click on "Change" button to save the changes. need to restart csf and lfd services to enable all changes that we made in the above steps. So click on "Restart csf+lfd" button to restart both the services. This can do above setting via terminal also. 1) Log in to the server via SSH. 2) Open csf configuration file and search for LF_PERMBLOCK_ALERT and set the value with 0. # vi /etc/csf/csf.conf LF_EMAIL_ALERT =0 3) Then you need to restart both csf and lfd services to enable the changes. # service csf restart # service lfd restart

  0
• 

  cPanelLauren

  • July 29, 2020 22:41

  Thanks @anoopk350

  0

Please sign in to leave a comment.