fuzzylogic

1. Community
2. Security
3. Limit number of brute force emails?

Also if emails are what you think is the problem then you should read this old thread.

• View comment
• fuzzylogic
• April 12, 2019 06:49
• 0 votes

1. Community
2. Security
3. Limit number of brute force emails?

Hi fuzzylogic How can I activate the lists: CXS_LF_CPANEL and CXS_LF_POP3 I should have been more clear. Configserver Exploit Scanner (CXS) is a paid plugin from Configserver. It is not the same p...

• View comment
• fuzzylogic
• April 12, 2019 06:45
• 0 votes

1. Community
2. Security
3. Limit number of brute force emails?

I have only 30+ out of 1000 in my csf.deny that have the comment fragment.... # lfd: (PERMBLOCK) This is probably due to my having cxs installed with all configserver blocklists active except CXS...

• View comment
• fuzzylogic
• April 11, 2019 10:15
• 0 votes

1. Community
2. Security
3. Limit number of brute force emails?

Have you tried... LF_CPANEL = 5 Default: 5 [0-100] LF_CPANEL_PERM = 1 Default: 1 [0-604800] You are only blocking them for 15 minutes. If you have these settings for a few days...

• View comment
• fuzzylogic
• April 11, 2019 02:44
• 0 votes

1. Community
2. Security
3. mod_security rule not working

noticed that it accesses cached webpage and thereby by-passes apache. This is a non-issue. Apache serves this request exactly the same as it might serve a request for index.html or theme.css or any...

• View comment
• fuzzylogic
• April 09, 2019 08:47
• 0 votes

1. Community
2. Security
3. mod_security rule not working

Couple of points. "@rx ^(?:Datanyze)$" @rx calls the regex operator. Same happens if you omit an operator. The regex you are applying to the User-Agent value is... ^(?:Datanyze)$" This will only ...

• View comment
• fuzzylogic
• April 08, 2019 22:23
• 0 votes

1. Community
2. Security
3. Problem with ModSecurity Vendors

Reading the warnings you got when you tried to add the vendor meta_comodo_litespeed.yaml It appears you have two vendor rulesets partially deleted. It seems the first issue happened with cxs rule ...

• View comment
• fuzzylogic
• March 20, 2019 08:51
• 0 votes

1. Community
2. Security
3. ModSecurity - Domain listed not mine

The host column with the domain name in your example is client supplied in the Request Header... Host: domainname.com A good client sets it to the domain the client was accessing when the request ...

• View comment
• fuzzylogic
• March 10, 2019 04:49
• 0 votes

1. Community
2. Security
3. Modsec found critical issue, but did nothing about it?

In WHM go to... Home " Security Center " ModSecurity" Tools " Hits List Use the search box there. Search for "security scanner" In the list of results find the one that your thread is about. Copy t...

• View comment
• fuzzylogic
• February 28, 2019 02:02
• 0 votes

1. Community
2. Security
3. Updating to OWASP v.3.1 question

I made a post on how to do this manually. It can be found here... It contains a link to the cPanel Documentation on how to create a Modsecurity Vendor. I find it worthwhile to do this. After it i...

• View comment
• fuzzylogic
• February 12, 2019 11:02
• 0 votes