How test LFD if it works? (ad when block my IP, how unblock?)
Happy New Year @rssperky
You probably want to start by changing config
nano /etc/csf/csf.conf || vi etc/csf/csf.conf
Look for directive TESTING = “1” and set it to 0 why lfd will not start while this is enabled.
LF_TRIGGER_PERM = "120"
To temporarily ban offenders for 2 minutes (so that you can test and still get access after a short time)
CT_LIMIT = "1"
Connection tracking checks how many connections a visitor is opening to your server. It’s effective in blocking small attacks. The setting above blocks any IP using more than 1 connection per second
Now adjust login protection for sshd
LF_SSHD = "1" LF_SSHD_PERM = "1800"
Now using your ssh client try to access your root/sudo user account. Input the wrong password ofcourse you will not be let through. Try again with correct credentails and you will see you will not be able to log in meaning your ip has be blocked temporarily.
After nano etc/csf/csf.conf
its an empty file. CSF have installed.
Sorry I missed a slash before the path
Is good idea to set LF_TRIGGER_PERM and LF_SSHD_PERM to 120000sec(33 hour) or more?
Or will be too big the log file and slow down server? I want ban 1 month minimum.
The value you put for directive LF_TRIGGER_PERM should ideally be the same as for directive LF_SSHD_PERM. It doesnt matter how long you prefer to block ip addresses. Set it as you wish
This topic was automatically closed 3 hours after the last reply. New replies are no longer allowed.