Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to increase csf.deny capacity on WHM

Discussion in 'Security' started by ovan, Apr 2, 2014.

  1. ovan

    ovan Member

    Joined:
    Nov 20, 2012
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Hello,

    i use CSF plugin in my WHM, and recently my server has got thousands of login failure attacks. i assumed this is a ddos or brute force attack, every attackers ip has been permanently blocked by CSF.
    but the csf.deny capacity is only for 1000 ip, and the attackers ip are more than thousands.

    How to increase the csf.deny blocked ip capacity.?
    because cphulk doesn't help muh :rolleyes:
     
  2. es2alna

    es2alna Well-Known Member

    Joined:
    Mar 30, 2014
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Egypt
    cPanel Access Level:
    Root Administrator
    I guess you better start using CC_DENY and block some countries.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,367
    Likes Received:
    1,856
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    1,010
    Likes Received:
    87
    Trophy Points:
    78
    cPanel Access Level:
    DataCenter Provider
    in /etc/csf/csf.conf adjust the DENY_IP_LIMIT setting, then restart csf/lfd

    It may complain if you set it very high, but if you are on a good dedicated server it should not be an issue to raise it higher.
     
  5. robb3369

    robb3369 Well-Known Member

    Joined:
    Mar 1, 2008
    Messages:
    122
    Likes Received:
    0
    Trophy Points:
    66
    cPanel Access Level:
    Root Administrator
    I'd sort the list and start blocking subnets... But if its more "drive by" style, just set the temp ban longer and remove the older permanent ones.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice