Highest Voted 'lfd' Questions - Server Fault Stack Exchange

0

votes

2 answers

/usr/sbin/amavisd-new - why is pcmd/regex not working for this command in csf.pignore?

For some reason I cannot get CSF's LFD (/etc/csf/csf.pignore) to ignore amavisd-new running via perl. The daemon runs via /usr/bin/perl /usr/sbin/amavisd-new (some mode) however it seems that when I use regex based pcmd:, LFD won't ignore it. Is…

asked Oct 17 '16 at 18:23

dhaupin

113
7

0

votes

1 answer

Why is lfd prematurely removing blocks?

As you can see in the excerpted log file below (from /var/log/lfd.log), lfd is prematurely removing temporary blocks that it imposes on IPs: Apr 7 13:07:59 host lfd[32117]: (wordpressxmlrpc) Request of xmlrpc.php. None of our users legitimately…

linux centos firewall csf lfd

asked Apr 07 '16 at 18:28

rinogo

329
4
13

0

votes

1 answer

Does LFD check for failed HTTP Digest login attempts?

I am sure that LFD (Login Failure Daemon) checks Apache's error log for failed HTTP authentication attempts ie. log entries like: [Mon Feb 25 10:12:45 2013] [error] [client 10.0.0.1] user FAKEUSER not found: /index.html [Mon Feb 25 10:11:56 2013]…

apache-2.2 authentication csf lfd

asked Feb 25 '13 at 15:26

WooDzu

107
5

0

votes

1 answer

Malicious activity on EXE:/usr/bin/php CMD:/usr/bin/php

Possible Duplicate: How do I deal with a compromised server? Checking the lfd.log and noticed a block log for a script: Jan 10 22:01:36 xxx lfd[871]: *User Processing* PID:27023 Kill:0 User:xxxx Time:610472 EXE:/usr/bin/php CMD:/usr/bin/php…

php lfd

asked Jan 10 '13 at 22:31

Armand

115
8

0

votes

0 answers

LFD: Excessive resource usage when running NodeJS app

I've been learning express (nodejs framework) for the past month and I was able to deploy a nodejs app to my WHM VPS server and everything is working just fine. However, I've been getting a lot of emails and warnings from lfd (firewall software used…

node.js lfd whm

asked May 11 '22 at 11:21

Fadi Obaji

103
1
5

0

votes

1 answer

How can I prevent simultaneous connections from single IP?

I am running a Wordpress site on digital ocean droplet, and the droplet is running CentOS with CWP. Website is new so it has very low amount of genuine traffic, on average it has around 3-5 visitors per day. However, the site is under attack since…

apache-2.4 centos7 denial-of-service lfd

asked Jun 02 '20 at 05:22

Alena

97
1
8

-1

votes

1 answer

cPanel server - Dovecot logins failing on specific IP address

I'm having a strange issue with one of our cPanel/WHM servers where it appears to be failing dovecot (IMAP/POP3) logins only from a specific IP address. The client was setting up a new workstation and had forgotten the password to one of their…

authentication dovecot csf lfd

asked Feb 13 '13 at 08:07

Brett

1
1
3

Questions tagged [lfd]

/usr/sbin/amavisd-new - why is pcmd/regex not working for this command in csf.pignore?

Why is lfd prematurely removing blocks?

Does LFD check for failed HTTP Digest login attempts?

Malicious activity on EXE:/usr/bin/php CMD:/usr/bin/php

LFD: Excessive resource usage when running NodeJS app

How can I prevent simultaneous connections from single IP?

cPanel server - Dovecot logins failing on specific IP address