Hi everyone,
I recently set up a fresh CyberPanel server (latest version) on Ubuntu 22.04.
I noticed a potential security gap: The Web Panel (Port 8090) allows unlimited failed login attempts without banning the IP.
I have CSF/LFD installed and running. It blocks failed SSH attempts correctly, but it seems to completely ignore brute-force attempts on the CyberPanel login page.
My questions:
Is this the intended default behavior?
Does anyone have the correct CUSTOM_LOG path and regex.custom.pm rules to make CSF ban IPs after 5 failed attempts on port 8090?
I believe this should be enabled out-of-the-box for security reasons. Any advice is appreciated!
Thanks