How to increase csf.deny capacity on WHM

ovan

Member
Nov 20, 2012
9
0
1
cPanel Access Level
Root Administrator
Hello,

i use CSF plugin in my WHM, and recently my server has got thousands of login failure attacks. i assumed this is a ddos or brute force attack, every attackers ip has been permanently blocked by CSF.
but the csf.deny capacity is only for 1000 ip, and the attackers ip are more than thousands.

How to increase the csf.deny blocked ip capacity.?
because cphulk doesn't help muh :rolleyes:
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,909
2,228
463

quizknows

Well-Known Member
Oct 20, 2009
1,008
87
78
cPanel Access Level
DataCenter Provider
in /etc/csf/csf.conf adjust the DENY_IP_LIMIT setting, then restart csf/lfd

It may complain if you set it very high, but if you are on a good dedicated server it should not be an issue to raise it higher.
 

robb3369

Well-Known Member
Mar 1, 2008
122
1
66
cPanel Access Level
Root Administrator
I'd sort the list and start blocking subnets... But if its more "drive by" style, just set the temp ban longer and remove the older permanent ones.