How to avoid LFD to send e-mail on incorrect access to SSH

Operating System & Version
CentOS 7.8
cPanel & WHM Version
88.0.13

desytec

Registered
Oct 11, 2018
3
0
1
Chile
cPanel Access Level
Root Administrator
Hello,

I am receiving a lot of mails of this kind:

lfd on vps.xxx.com: WHM/cPanel root access alert from yyy.yyy.yyy.yyy (CL/Chile/-) ----> This is my own connection to WHM. I don't know why I receive that e-mail.

Also... a lot of wrong accesses to SSH from all over the word (hackers for sure).

How can I avoid the reception of such mails?

In "ConfigServer Security & Firewall" page of WHM, there are some LFD settings but I am not sure which one I should modify.

Regards
Jaime
 

hmaddy

Well-Known Member
May 6, 2020
177
19
18
Chennai
cPanel Access Level
Root Administrator
Steps to disable all LFD email Alerts.

1) Login to WHM.

2) Navigate to “ConfigServer Security & Firewall” under “Plugin” section.
3) Click on “Firewall Configuration” button to edit the CSF configuration file.
4) Search for “LF_EMAIL_ALERT” on the configuration file and change it from “On” to “Off” button.
5) Click on “Change” button to save the changes.
need to restart csf and lfd services to enable all changes that we made in the above steps. So click on “Restart csf+lfd” button to restart both the services.


This can do above setting via terminal also.

1) Log in to the server via SSH.

2) Open csf configuration file and search for LF_PERMBLOCK_ALERT and set the value with 0.

# vi /etc/csf/csf.conf

LF_EMAIL_ALERT =0

3) Then you need to restart both csf and lfd services to enable the changes.

# service csf restart

# service lfd restart