Community Forums
Connect with us on LinkedIn
Brute Force Warning : Executed actions: /etc/apf/apf -d at
  
Closed Thread
Results 1 to 7 of 7
  1. 02-21-2006 02:26 AM #1
    isputra
    isputra is offline
    Member isputra's Avatar
    Join Date
    May 2003
    Location
    Mbelitar
    Posts
    593

    Default Brute Force Warning : Executed actions: /etc/apf/apf -d at

    Hi,

    Yesterday i have mail from BFD/APF with this :

    -------------------------------
    The following are event logs for exceeded login failures from at on service apache (all time stamps are GMT +0100):
    ----
    - Executed actions:
    /etc/apf/apf -d at
    ------------------------------

    Today i have a message again :

    ----------------------------------
    The following are event logs for exceeded login failures from at on service apache (all time stamps are GMT +0100):
    ----
    - Executed actions:
    at was found inside a defined exclude file, or host has already been banned.
    ------------------------------------

    Why the action not banned IP but "at" ?
    It's me ...... It's me ......
  2. 02-21-2006 05:36 AM #2
    visiox
    visiox is offline
    Member
    Join Date
    Jan 2004
    Posts
    49

    Default

    Hi there,

    I'm nut sure if I understand your posting...

    at was found inside a defined exclude file, or host has already been banned
    "at" was already banned/blocked yesterday
    Web Hosting & Custom Software Development
    FirstNetGuard
    1 2 3 4 5 6 7
    8
  3. 02-21-2006 10:45 AM #3
    chirpy
    chirpy is offline
    Super Moderator This forum account has been confirmed by cPanel staff to represent a vendor. chirpy's Avatar
    Join Date
    Jun 2002
    Location
    Go on, have a guess
    Posts
    13,495

    Default

    I'd suggest you go to the app developers forums and ask for support since this is not cPanel related. Check you have updated versions of their apps installed, though.
    Jonathan Michaelson

    Need your cPanel servers secured and tuned?
    cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
    Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
    http://www.configserver.com
  4. 02-21-2006 06:06 PM #4
    isputra
    isputra is offline
    Member isputra's Avatar
    Join Date
    May 2003
    Location
    Mbelitar
    Posts
    593

    Default

    Quote Originally Posted by visiox
    Hi there,

    I'm nut sure if I understand your posting...

    "at" was already banned/blocked yesterday
    Sorry for my poor language

    What i mean is that if APF banned IP, the Executed actions:
    /etc/apf/apf -d 111.111.111.111

    But on my case, APF banned "at" not the IP.
    It's me ...... It's me ......
  5. 02-21-2006 09:29 PM #5
    fleksi
    fleksi is offline
    Member
    Join Date
    Sep 2003
    Posts
    126

    Default

    upgrade your APF to the latest version, you will have only IPs in your deny_hosts.rules

    -fl-
    Last edited by fleksi; 02-21-2006 at 09:34 PM.
  6. 02-22-2006 01:11 AM #6
    MakassarNET
    MakassarNET is offline
    Member
    Join Date
    Dec 2004
    Posts
    47

    Default

    The APF is actually already perform those command. Try to login to your server as root and try those command. You will notice that the IP is already in the ban list. They sending you those command include the action that the visitor doing to your server. So it doesn't mean that you need to perform those command again.


    Regards,
    Hernan C. Halim

    MakassarNET Technologies, Inc.
    Makassar, South Sulawesi 90222 - INDONESIA
    Website: www.makassarhosting.net | www.makassarnet.com | www.situs-indonesia.com | www.makassar-design.com
    Email: info@makassarnet.com
  7. 02-22-2006 06:44 PM #7
    isputra
    isputra is offline
    Member isputra's Avatar
    Join Date
    May 2003
    Location
    Mbelitar
    Posts
    593

    Default

    Quote Originally Posted by fleksi
    upgrade your APF to the latest version, you will have only IPs in your deny_hosts.rules

    -fl-

    OK, upgrade apf to 0.9.6

    Anyone have an example of conf.apf and for antidos that works with cpanel ? Mine is works but i want to know how others conf to have better performance for my server.

    Also, how to know that APF and BFD is running ? After upgrade, now i never have a message from APF that i received everyday.

    Do apf -r and bfd -s but still did not received the email from APF

    Thanks.
    Last edited by isputra; 02-22-2006 at 07:14 PM.
    It's me ...... It's me ......
«   How to modify cig-sys file? | emergency, need to disallow nobody@servername.com sends »     
Similar Threads & Tags
Similar threads

  1. Brute Force
    By jeck in forum Security
    Replies: 4
    Last Post: 11-16-2009, 06:38 PM
  2. Brute Force
    By jeck in forum cPanel and WHM Discussions
    Replies: 4
    Last Post: 11-16-2009, 06:38 PM
  3. Brute force
    By iLLuSi0nS in forum cPanel and WHM Discussions
    Replies: 6
    Last Post: 06-10-2009, 01:58 PM
  4. Brute Force Q
    By rfonseca in forum cPanel and WHM Discussions
    Replies: 3
    Last Post: 02-01-2005, 04:20 PM
  5. Warning about APF + How to Disable?
    By mygregory in forum New User Questions
    Replies: 8
    Last Post: 08-14-2004, 07:37 PM
Linkedin       Facebook       Twitter       RSS       Flickr       YouTube