The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

maldet inotify and error_log

Discussion in 'Security' started by upsforum, Nov 21, 2013.

  1. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    446
    Likes Received:
    0
    Trophy Points:
    16
    I installed maldet with inotify (--monitor option) and log, but the problem is that inotify register also the edited on error_log for all accounts:

    /home/user/public_html/error_log MODIFY 21 Nov 19:26:46
    /home/user/public_html/error_log MODIFY 21 Nov 19:26:46
    /home/user/public_html/error_log MODIFY 21 Nov 19:26:46
    /home/user/public_html/error_log MODIFY 21 Nov 19:26:49
    /home/user/public_html/error_log MODIFY 21 Nov 19:26:49

    is possible exclude this notify?
     
  2. LDHosting

    LDHosting Well-Known Member

    Joined:
    Jan 19, 2008
    Messages:
    93
    Likes Received:
    2
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    The maldet ignore file for inotify is at /usr/local/maldetect/ignore_inotify
     
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,811
    Likes Received:
    671
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You may want to contact the support team for this third-party application if you are not able to determine the solution through user feedback.

    Thank you.
     
  4. upsforum

    upsforum Well-Known Member

    Joined:
    Jul 27, 2005
    Messages:
    446
    Likes Received:
    0
    Trophy Points:
    16
    I added in ignore_inotify but not work

    ^/var/tmp/mysql.sock$
    ^/tmp/mysql.sock$
    ^/var/cache/buagent/md0.cache.data$
    ^/var/tmp/#sql_.*\.MYD$
    ^/tmp/#sql_.*\.MYD$
    ^/home/.*/public_html/error_log$ <------ my row

    - - - Updated - - -

    now is correct:

    ^/home/.*/public_html/.*error_log$

    for any error_log ... in root and all sub directory

    thank you
     
Loading...

Share This Page