CSF CSF to send email notification ?

arlon · Jul 2, 2016

how to make CSF sending email notification when ssh login, ip blocked, etc?
because i have new vps installed cpanel and csf sending email when ssh login, brute force, ip blocked

eva2000 · Jul 2, 2016

see CSF Firewall - CentminMod.com LEMP Nginx web stack for CentOS

Getting Started Guide step 18 for Managing Root User Emails via /root/.forward file or via /etc/csf/csf.conf CSF config file reporting settings for LF_ALERT_TO and LF_ALERT_FROM

Code (Text):

###############################################################################
# SECTION:Reporting Settings
###############################################################################
# By default, lfd will send alert emails using the relevant alert template to
# the To: address configured within that template. Setting the following
# option will override the configured To: field in all lfd alert emails
#
# Leave this option empty to use the To: field setting in each alert template
LF_ALERT_TO = ""

# By default, lfd will send alert emails using the relevant alert template from
# the From: address configured within that template. Setting the following
# option will override the configured From: field in all lfd alert emails
#
# Leave this option empty to use the From: field setting in each alert template
LF_ALERT_FROM = ""

then restart csf firewall

Code (Text):

csf -ra

fyi, default csf alert temples in /etc/csf/alerts send to root user

Code (Text):

 cat /etc/csf/alerts/alert.txt  
From: root
To: root
Subject: lfd on [hostname]: blocked [ip]

Time:     [time]
IP:       [ip]
Failures: [ipcount]
Interval: [iptick] seconds
Blocked:  [block]

Log entries:

[text]

Code (Text):

ls -lhAh /etc/csf/alerts/
total 132K
-rw------- 1 root root  124 May  9  2014 accounttracking.txt
-rw------- 1 root root  181 May  9  2014 alert.txt
-rw------- 1 root root  192 May  9  2014 connectiontracking.txt
-rw------- 1 root root   76 May  9  2014 consolealert.txt
-rw------- 1 root root  136 May  9  2014 cpanelalert.txt
-rw------- 1 root root  129 May  9  2014 exploitalert.txt
-rw------- 1 root root  151 May  9  2014 filealert.txt
-rw------- 1 root root  132 May  9  2014 forkbombalert.txt
-rw------- 1 root root  374 May  9  2014 integrityalert.txt
-rw------- 1 root root 1.1K May  9  2014 loadalert.txt
-rw------- 1 root root 1.2K Nov  8  2015 loadalert.txt.new
-rw------- 1 root root  103 May  9  2014 logalert.txt
-rw------- 1 root root  101 May  9  2014 logfloodalert.txt
-rw------- 1 root root  191 May  9  2014 netblock.txt
-rw------- 1 root root  209 May  9  2014 permblock.txt
-rw------- 1 root root  129 May  9  2014 portknocking.txt
-rw------- 1 root root  175 May  9  2014 portscan.txt
-rw------- 1 root root  391 May  9  2014 processtracking.txt
-rw------- 1 root root   97 May  9  2014 queuealert.txt
-rw------- 1 root root  196 May  9  2014 relayalert.txt
-rw------- 1 root root  260 May  9  2014 resalert.txt
-rw------- 1 root root  181 May  9  2014 reselleralert.txt
-rw------- 1 root root  200 May  9  2014 scriptalert.txt
-rw------- 1 root root  176 May  9  2014 sshalert.txt
-rw------- 1 root root  159 May  9  2014 sualert.txt
-rw------- 1 root root  194 May  9  2014 syslogalert.txt
-rw------- 1 root root  298 May  9  2014 tracking.txt
-rw------- 1 root root  129 May  9  2014 uialert.txt
-rw------- 1 root root  150 May  9  2014 uidscan.txt
-rw------- 1 root root  192 May  9  2014 usertracking.txt
-rw------- 1 root root  129 May  9  2014 watchalert.txt
-rw------- 1 root root  146 May  9  2014 webminalert.txt
-rw------- 1 root root 1.2K Jun 28  2015 x-arf.txt

Log in / Register

Forums

Join the community today

CSF CSF to send email notification ?

arlon Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Join the community today

CSF CSF to send email notification ?

arlon Member

eva2000 Administrator Staff Member

.