The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Brute Force Warning : Executed actions: /etc/apf/apf -d at

Discussion in 'General Discussion' started by isputra, Feb 21, 2006.

Thread Status:
Not open for further replies.
  1. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    Hi,

    Yesterday i have mail from BFD/APF with this :

    -------------------------------
    The following are event logs for exceeded login failures from at on service apache (all time stamps are GMT +0100):
    ----
    - Executed actions:
    /etc/apf/apf -d at
    ------------------------------

    Today i have a message again :

    ----------------------------------
    The following are event logs for exceeded login failures from at on service apache (all time stamps are GMT +0100):
    ----
    - Executed actions:
    at was found inside a defined exclude file, or host has already been banned.
    ------------------------------------

    Why the action not banned IP but "at" ?
     
  2. visiox

    visiox Well-Known Member

    Joined:
    Jan 19, 2004
    Messages:
    49
    Likes Received:
    0
    Trophy Points:
    6
    Hi there,

    I'm nut sure if I understand your posting... :confused: ;)

    "at" was already banned/blocked yesterday
     
  3. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    I'd suggest you go to the app developers forums and ask for support since this is not cPanel related. Check you have updated versions of their apps installed, though.
     
  4. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar
    Sorry for my poor language :D

    What i mean is that if APF banned IP, the Executed actions:
    /etc/apf/apf -d 111.111.111.111

    But on my case, APF banned "at" not the IP.
     
  5. fleksi

    fleksi Well-Known Member

    Joined:
    Sep 17, 2003
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    upgrade your APF to the latest version, you will have only IPs in your deny_hosts.rules

    -fl-
     
    #5 fleksi, Feb 21, 2006
    Last edited: Feb 21, 2006
  6. MakassarNET

    MakassarNET Well-Known Member

    Joined:
    Dec 6, 2004
    Messages:
    45
    Likes Received:
    0
    Trophy Points:
    6
    The APF is actually already perform those command. Try to login to your server as root and try those command. You will notice that the IP is already in the ban list. They sending you those command include the action that the visitor doing to your server. So it doesn't mean that you need to perform those command again.


    Regards,
     
  7. isputra

    isputra Well-Known Member

    Joined:
    May 3, 2003
    Messages:
    576
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Mbelitar

    OK, upgrade apf to 0.9.6

    Anyone have an example of conf.apf and for antidos that works with cpanel ? Mine is works but i want to know how others conf to have better performance for my server.

    Also, how to know that APF and BFD is running ? After upgrade, now i never have a message from APF that i received everyday.

    Do apf -r and bfd -s but still did not received the email from APF

    Thanks.
     
    #7 isputra, Feb 22, 2006
    Last edited: Feb 22, 2006
Loading...
Thread Status:
Not open for further replies.

Share This Page