Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Adding to CSF's Temporary Deny via PHP

Discussion in 'Security' started by GoWilkes, Jun 5, 2019.

Tags:
  1. GoWilkes

    GoWilkes Well-Known Member

    Joined:
    Sep 26, 2006
    Messages:
    425
    Likes Received:
    7
    Trophy Points:
    168
    cPanel Access Level:
    Root Administrator
    I'm using CSF (ConfigServer Firewall). Can you guys suggest a way to add an IP to the Temporary Deny list from a user's PHP?

    I know how to do it with the CSF GUI and by SSH, but I'm hoping to figure out a way to add IPs that try to access certain pages that don't exist (like "wp-login.php"). Some of my hosting clients use Wordpress, though, so I can't block ALL references to it; just from my own personal sites that are much higher in traffic and don't use Wordpress.

    I'm currently adding IPs to a database that try to access specific pages, and then pages look up user's IP, compares it to the database, and if it's found they get a Forbidden error. But it would be great to block them at the firewall.
     
  2. fuzzylogic

    fuzzylogic Well-Known Member

    Joined:
    Nov 8, 2014
    Messages:
    131
    Likes Received:
    76
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    If this is correct,
    then you are 90% there already.
    CSF has configuration settings to manage how to add IPs to the firewall that repeatedly generate 403 http status with their requests.
    These settings are used by a LFD action to set Number of 403s to trigger and to set Permanent Block or Temp block with period.
    Search CSF configuration page for...
    LF_APACHE_403
    LF_APACHE_403_PERM
    LF_INTERVAL
    for usage instructions.

    Perhaps post a sample entry from apache's error_log of an ip in your database generating a 403 status to see if its likely to be a candidate for the LF_APACHE_403 action.
    Anonymize the server ip and client ip.
     
    cPanelMichael likes this.
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,529
    Likes Received:
    2,181
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @GoWilkes,

    Let us know if the information in the previous post helps.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice