How to increase csf.deny capacity on WHM

ovan

• April 02, 2014 00:59

Hello, i use CSF plugin in my WHM, and recently my server has got thousands of login failure attacks. i assumed this is a ddos or brute force attack, every attackers ip has been permanently blocked by CSF. but the csf.deny capacity is only for 1000 ip, and the attackers ip are more than thousands. How to increase the csf.deny blocked ip capacity.? because cphulk doesn't help muh :rolleyes:

• 

  es2alna

  • April 02, 2014 07:27

  I guess you better start using CC_DENY and block some countries.

  0
• 

  cPanelMichael

  • April 02, 2014 17:49

  Hello :) You may want to ask this question on the ConfigServer forums to get more input from the developers/users of the application. I found the following thread which might offer some advice: [url=http://forum.configserver.com/viewtopic.php?f=6&t=7516]ConfigServer Community Forum - csf.deny ip address deny limit Thank you.

  0
• 

  quizknows

  • April 02, 2014 19:35

  in /etc/csf/csf.conf adjust the DENY_IP_LIMIT setting, then restart csf/lfd It may complain if you set it very high, but if you are on a good dedicated server it should not be an issue to raise it higher.

  0
• 

  robb3369

  • April 02, 2014 21:34

  I'd sort the list and start blocking subnets... But if its more "drive by" style, just set the temp ban longer and remove the older permanent ones.

  0

Please sign in to leave a comment.