We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
[HOWTO] Install CSF + Use it's GUI in VestaCP
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
Hi,
the url is not working, could you recheck the original post.
Thanks
the url is not working, could you recheck the original post.
Thanks
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
Working for me? What error do you see?asdcxz wrote:Hi,
the url is not working, could you recheck the original post.
Thanks
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
I've tried several times this rule, and every variation a could think of, with no success whatsoever.jonn wrote:Share customlog entry to block failed vestacp login attempts.
on debian 7
open. /etc/csf/regex.custom.pm
add after # "1" = n/temporary (n = number of seconds ..."5" is count of failed loginsCode: Select all
#vestacp if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\S+\s+\S+\s+\S+\s+\S+\s+failed to login/)) { return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60"); }
"8083" the port to block
"60" how long to deny (60 is 1 minute) so change to what you want, or 1 for permanent.
open /etc/csf/csf.conf
add where you find CUSTOM1_LOGdont block yourself, keep the deny time to low for testingCode: Select all
CUSTOM1_LOG = "/var/log/vesta/auth.log"
if you change regex a little, please share changes..
and any other csf customlog blocking that may be helpful to all of us related only to vestacp control panel...
dont forget to add your OS
I've enabled debug on csf, and I can see the file auth.log being parsed and and checked but it never logs any wrong try.
I've gone as far as this:
Code: Select all
#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /.*/)) {
return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}
Can anyone help with this? My OS is Centos 7 with VestaCP 0.9.8-16 and I'm out of ideas :/
I can share any configuration you may need to figure this out, and any help or tip that can steer me in the right direction would be greatly appreciated.
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
What's in your auth.log? Give me a few examples of errors (i don't have any to see on my servers)moucho wrote:I've tried several times this rule, and every variation a could think of, with no success whatsoever.jonn wrote:Share customlog entry to block failed vestacp login attempts.
on debian 7
open. /etc/csf/regex.custom.pm
add after # "1" = n/temporary (n = number of seconds ..."5" is count of failed loginsCode: Select all
#vestacp if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\S+\s+\S+\s+\S+\s+\S+\s+failed to login/)) { return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60"); }
"8083" the port to block
"60" how long to deny (60 is 1 minute) so change to what you want, or 1 for permanent.
open /etc/csf/csf.conf
add where you find CUSTOM1_LOGdont block yourself, keep the deny time to low for testingCode: Select all
CUSTOM1_LOG = "/var/log/vesta/auth.log"
if you change regex a little, please share changes..
and any other csf customlog blocking that may be helpful to all of us related only to vestacp control panel...
dont forget to add your OS
I've enabled debug on csf, and I can see the file auth.log being parsed and and checked but it never logs any wrong try.
I've gone as far as this:So every line on the log file should be considered as a failed login attempt, but it doesn't matter.Code: Select all
#vestacp if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /.*/)) { return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60"); }
Can anyone help with this? My OS is Centos 7 with VestaCP 0.9.8-16 and I'm out of ideas :/
I can share any configuration you may need to figure this out, and any help or tip that can steer me in the right direction would be greatly appreciated.
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
This is an example (I've changed my IP):
Firstly two white spaces, then the username, IP and error message
Code: Select all
asdfasdf 10.0.0.0 failed to login
asdfasdf 10.0.0.0 failed to login
asdfasdf 10.0.0.0 failed to login
asdfasdf 10.0.0.0 failed to login
asdfasdf 10.0.0.0 failed to login
asdfasdf 10.0.0.0 failed to login
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
Try this:moucho wrote:This is an example (I've changed my IP):Firstly two white spaces, then the username, IP and error messageCode: Select all
asdfasdf 10.0.0.0 failed to login asdfasdf 10.0.0.0 failed to login asdfasdf 10.0.0.0 failed to login asdfasdf 10.0.0.0 failed to login asdfasdf 10.0.0.0 failed to login asdfasdf 10.0.0.0 failed to login
Code: Select all
#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+) failed to login/)) {
return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
Thanks so much!!!
I'm speechless, I can't really thank you enough, I've tried for hours without success.
May I ask you to explain to me that why this works? Is this syntax different from any other regex syntax, because I check and the lines where being interpreted correctly by other tools but not csf?
Is there some way to check that the syntax is valid, or some guide I can use for csf?
Thanks again.
I'm speechless, I can't really thank you enough, I've tried for hours without success.
May I ask you to explain to me that why this works? Is this syntax different from any other regex syntax, because I check and the lines where being interpreted correctly by other tools but not csf?
Is there some way to check that the syntax is valid, or some guide I can use for csf?
Thanks again.
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
I used https://regex101.com/ but what you was using failed as a regex.moucho wrote:Thanks so much!!!
I'm speechless, I can't really thank you enough, I've tried for hours without success.
May I ask you to explain to me that why this works? Is this syntax different from any other regex syntax, because I check and the lines where being interpreted correctly by other tools but not csf?
Is there some way to check that the syntax is valid, or some guide I can use for csf?
Thanks again.
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
There's a weired problem on my csf.
Re: [HOWTO] Install CSF + Use it's GUI in VestaCP
Try changing the file permissons.RamMae wrote:There's a weired problem on my csf.
755 for directory and 644 for files.