Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Brute Force Warning : Executed actions: /etc/apf/apf -d at

Discussion in 'General Discussion' started by isputra, Feb 21, 2006.

Thread Status:
Not open for further replies.
  1. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Mbelitar
    Hi,

    Yesterday i have mail from BFD/APF with this :

    -------------------------------
    The following are event logs for exceeded login failures from at on service apache (all time stamps are GMT +0100):
    ----
    - Executed actions:
    /etc/apf/apf -d at
    ------------------------------

    Today i have a message again :

    ----------------------------------
    The following are event logs for exceeded login failures from at on service apache (all time stamps are GMT +0100):
    ----
    - Executed actions:
    at was found inside a defined exclude file, or host has already been banned.
    ------------------------------------

    Why the action not banned IP but "at" ?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. visiox

    visiox Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    156
    Hi there,

    I'm nut sure if I understand your posting... :confused: ;)

    "at" was already banned/blocked yesterday
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    22
    Trophy Points:
    463
    Location:
    Go on, have a guess
    I'd suggest you go to the app developers forums and ask for support since this is not cPanel related. Check you have updated versions of their apps installed, though.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Mbelitar
    Sorry for my poor language :D

    What i mean is that if APF banned IP, the Executed actions:
    /etc/apf/apf -d 111.111.111.111

    But on my case, APF banned "at" not the IP.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. fleksi

    fleksi Well-Known Member

    Joined:
    Sep 17, 2003
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    166
    upgrade your APF to the latest version, you will have only IPs in your deny_hosts.rules

    -fl-
     
    #5 fleksi, Feb 21, 2006
    Last edited: Feb 21, 2006
  6. MakassarNET

    MakassarNET Well-Known Member

    Joined:
    Dec 6, 2004
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    156
    The APF is actually already perform those command. Try to login to your server as root and try those command. You will notice that the IP is already in the ban list. They sending you those command include the action that the visitor doing to your server. So it doesn't mean that you need to perform those command again.


    Regards,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    575
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Mbelitar

    OK, upgrade apf to 0.9.6

    Anyone have an example of conf.apf and for antidos that works with cpanel ? Mine is works but i want to know how others conf to have better performance for my server.

    Also, how to know that APF and BFD is running ? After upgrade, now i never have a message from APF that i received everyday.

    Do apf -r and bfd -s but still did not received the email from APF

    Thanks.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 isputra, Feb 22, 2006
    Last edited: Feb 22, 2006
Loading...
Thread Status:
Not open for further replies.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice