WHM currently sends out the following email:
Wouldn't it be useful to include the offending IP that was blocked in the warning email itself?
(in my case this would allow me to quickly recognize whether it was a confused user at one of the three local ISPs whose IP ranges I recognize who was blocked or whether it a some bot/attack.)
What IP?whm said:Massive amount of failures from IP
5 login failures attempts to account administrator (system) -- too many attempts from this ip
Wouldn't it be useful to include the offending IP that was blocked in the warning email itself?
(in my case this would allow me to quickly recognize whether it was a confused user at one of the three local ISPs whose IP ranges I recognize who was blocked or whether it a some bot/attack.)