The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Error logs and what action to take

Discussion in 'General Discussion' started by Audiopro, May 2, 2014.

  1. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    This is part of my log file.
    I am a newbie at this server lark and was wondering, what action I should take or is the server security doing it's job and no action required?
    Code:
    May  2 05:56:48 server1 PAM-hulk[12779]: Brute force detection active: 580 LOGIN DENIED -- TOO MANY FAILURES -- IP TEMP BANNED
    May  2 05:56:50 server1 PAM-hulk[12786]: Brute force detection active: 580 LOGIN DENIED -- TOO MANY FAILURES -- IP TEMP BANNED
    May  2 05:57:19 server1 pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    May  2 05:57:19 server1 pure-ftpd: (?@127.0.0.1) [INFO] __cpanel__service__auth__ftpd__KLmMgQetGfiIAG2nBI2tcIDf3RFCTomjC6E0E4rTNsrvUyEiLhc9fX5ofbvs50fn is now logged in
    May  2 05:57:20 server1 pure-ftpd: (__cpanel__service__auth__ftpd__KLmMgQetGfiIAG2nBI2tcIDf3RFCTomjC6E0E4rTNsrvUyEiLhc9fX5ofbvs50fn@127.0.0.1) [INFO] Logout.
    May  2 06:02:20 server1 pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    May  2 06:02:21 server1 pure-ftpd: (?@127.0.0.1) [INFO] __cpanel__service__auth__ftpd__U18suvQakJ4dPj8TvMFXZN7n3gudP6YZ2L6M6m6xMEH3PBBguiNLjNeGz8DMEPpL is now logged in
    May  2 06:02:21 server1 pure-ftpd: (__cpanel__service__auth__ftpd__U18suvQakJ4dPj8TvMFXZN7n3gudP6YZ2L6M6m6xMEH3PBBguiNLjNeGz8DMEPpL@127.0.0.1) [INFO] Logout.
    May  2 06:07:21 server1 pure-ftpd: (?@127.0.0.1) [INFO] New connection from 127.0.0.1
    May  2 06:07:22 server1 pure-ftpd: (?@127.0.0.1) [INFO] __cpanel__service__auth__ftpd__3NsHrTwqe5Nx_3NlIC4C0JFquXz8lvNMaOzEGnsvovqNBy0nUA04aZSsG2F27q5o is now logged in
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,468
    Likes Received:
    196
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    The first 2 lines show cPHulk is doing its job. The rest is normal and can be ignored, server is checking services.
     
  3. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks for that - I will look into what cPHulk does as it appears to be my friend.
    Code:
    Checking syntax of the code tags
    
     
  4. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    I have been looking for a way to empty the var/log/messages file or better still, just leave the last 200/300 lines.

    I can find plenty of examples of 'rm' but I don't want to delete the file.
     
  5. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    I suggest keeping the log entries unless you are short on disk space. That being said, you could setup LogRotate to rotate /var/log/messages once it reaches a certain size.

    Thank you.
     
  6. Audiopro

    Audiopro Active Member

    Joined:
    Feb 15, 2014
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Thanks, I will look into logrotate as it sounds like a better solution.
     
Loading...

Share This Page