(Dec 29) New version 0.9.8-18 has been released

[HOWTO] Install CSF + Use it's GUI in VestaCP Topic is solved

Section with modification and patches for Vesta
Forum rules
Before creating a new topic or reply on the forum you should fill out additional fields "Os" and "Web" in your profile section.
In case of violation, the topic can be closed or response from the support will not be received.
asdcxz
Posts: 7
Joined: Fri Dec 11, 2015 11:34 am

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby asdcxz » Thu Sep 15, 2016 4:50 am

Hi,

the url is not working, could you recheck the original post.

Thanks

SS88
Posts: 306
Joined: Thu Nov 19, 2015 12:40 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby SS88 » Thu Sep 15, 2016 12:30 pm

asdcxz wrote:Hi,

the url is not working, could you recheck the original post.

Thanks


Working for me? What error do you see?

moucho
Posts: 6
Joined: Tue Jun 28, 2016 5:32 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby moucho » Mon Sep 19, 2016 9:10 pm

jonn wrote:Share customlog entry to block failed vestacp login attempts.

on debian 7

open. /etc/csf/regex.custom.pm
add after # "1" = n/temporary (n = number of seconds ...

Code: Select all

#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\S+\s+\S+\s+\S+\s+\S+\s+failed to login/)) {
  return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}


"5" is count of failed logins
"8083" the port to block
"60" how long to deny (60 is 1 minute) so change to what you want, or 1 for permanent.

open /etc/csf/csf.conf
add where you find CUSTOM1_LOG

Code: Select all

CUSTOM1_LOG = "/var/log/vesta/auth.log"


dont block yourself, keep the deny time to low for testing
if you change regex a little, please share changes..
and any other csf customlog blocking that may be helpful to all of us related only to vestacp control panel...
dont forget to add your OS


I've tried several times this rule, and every variation a could think of, with no success whatsoever.
I've enabled debug on csf, and I can see the file auth.log being parsed and and checked but it never logs any wrong try.
I've gone as far as this:

Code: Select all

#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /.*/)) {
  return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}

So every line on the log file should be considered as a failed login attempt, but it doesn't matter.

Can anyone help with this? My OS is Centos 7 with VestaCP 0.9.8-16 and I'm out of ideas :/
I can share any configuration you may need to figure this out, and any help or tip that can steer me in the right direction would be greatly appreciated.

SS88
Posts: 306
Joined: Thu Nov 19, 2015 12:40 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby SS88 » Mon Sep 19, 2016 9:22 pm

moucho wrote:
jonn wrote:Share customlog entry to block failed vestacp login attempts.

on debian 7

open. /etc/csf/regex.custom.pm
add after # "1" = n/temporary (n = number of seconds ...

Code: Select all

#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\S+\s+\S+\s+\S+\s+\S+\s+failed to login/)) {
  return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}


"5" is count of failed logins
"8083" the port to block
"60" how long to deny (60 is 1 minute) so change to what you want, or 1 for permanent.

open /etc/csf/csf.conf
add where you find CUSTOM1_LOG

Code: Select all

CUSTOM1_LOG = "/var/log/vesta/auth.log"


dont block yourself, keep the deny time to low for testing
if you change regex a little, please share changes..
and any other csf customlog blocking that may be helpful to all of us related only to vestacp control panel...
dont forget to add your OS


I've tried several times this rule, and every variation a could think of, with no success whatsoever.
I've enabled debug on csf, and I can see the file auth.log being parsed and and checked but it never logs any wrong try.
I've gone as far as this:

Code: Select all

#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /.*/)) {
  return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}

So every line on the log file should be considered as a failed login attempt, but it doesn't matter.

Can anyone help with this? My OS is Centos 7 with VestaCP 0.9.8-16 and I'm out of ideas :/
I can share any configuration you may need to figure this out, and any help or tip that can steer me in the right direction would be greatly appreciated.


What's in your auth.log? Give me a few examples of errors (i don't have any to see on my servers)

moucho
Posts: 6
Joined: Tue Jun 28, 2016 5:32 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby moucho » Mon Sep 19, 2016 9:45 pm

This is an example (I've changed my IP):

Code: Select all

  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login


Firstly two white spaces, then the username, IP and error message

SS88
Posts: 306
Joined: Thu Nov 19, 2015 12:40 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby SS88 » Mon Sep 19, 2016 10:23 pm

moucho wrote:This is an example (I've changed my IP):

Code: Select all

  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login
  asdfasdf 10.0.0.0 failed to login


Firstly two white spaces, then the username, IP and error message


Try this:

Code: Select all

#vestacp
if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /(\S+) failed to login/)) {
  return ("Failed vestacp control-panel login from",$1,"VESTAloginAttempt","5","8083","60");
}

moucho
Posts: 6
Joined: Tue Jun 28, 2016 5:32 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby moucho » Mon Sep 19, 2016 10:56 pm

Thanks so much!!!

I'm speechless, I can't really thank you enough, I've tried for hours without success.

May I ask you to explain to me that why this works? Is this syntax different from any other regex syntax, because I check and the lines where being interpreted correctly by other tools but not csf?
Is there some way to check that the syntax is valid, or some guide I can use for csf?

Thanks again.

SS88
Posts: 306
Joined: Thu Nov 19, 2015 12:40 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby SS88 » Mon Sep 19, 2016 10:58 pm

moucho wrote:Thanks so much!!!

I'm speechless, I can't really thank you enough, I've tried for hours without success.

May I ask you to explain to me that why this works? Is this syntax different from any other regex syntax, because I check and the lines where being interpreted correctly by other tools but not csf?
Is there some way to check that the syntax is valid, or some guide I can use for csf?

Thanks again.


I used https://regex101.com/ but what you was using failed as a regex.

RamMae
Posts: 9
Joined: Fri Jun 03, 2016 10:25 am

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby RamMae » Sat Sep 24, 2016 1:39 am

There's a weired problem on my csf.
Image

SS88
Posts: 306
Joined: Thu Nov 19, 2015 12:40 pm

Re: [HOWTO] Install CSF + Use it's GUI in VestaCP

Postby SS88 » Sat Sep 24, 2016 12:03 pm

RamMae wrote:There's a weired problem on my csf.
Image


Try changing the file permissons.

755 for directory and 644 for files.


Return to “Modification & Patches”



Who is online

Users browsing this forum: No registered users and 1 guest