Tag : CSF (ConfigServer Security & Firewall) – LFD (Login Failure Daemon)
Login Failure Daemon, LFD is a process is an extension of ConfigServer Security & Firewall (CSF), a stateful packet inspection (SPI) firewall configuration script for Linux servers that periodically looks for login attempts against server in the latest log file entries and checks for potential threats to a server.
Login Failure Daemon, LFD offers protection against attacks as password and cryptography attack, brute-force login attempts and if found blocks the IP address attempting to attack that server to prevent any future attempts.
Config Server Firewall (CFG) and Login Failure deamon (LFD) features like suspicious file reporting and system monitoring, login, intrusion detection, standard filtering of packets, SYN flood detection, user interface integration for cPanel, DirectAdmin and Webmin, detect port scans, monitor temp directory and script directory for suspicious modifications, Port Knocking, manual IP blocks, monitoring automatic IP blocks, Straight-forward SPI iptables firewall script, login authentication failures for Courier imap, Dovecot, uw-imap, Kerio, openSSH, cPanel, WHM, Webmail (cPanel servers only), Pure-ftpd, vsftpd, Proftpd, Password protected web pages (htpasswd), Mod_security failures (v1 and v2), POP3/IMAP login tracking, SSH login, SU login notification, Email relay tracking, IPv6 Support, and ipset support.
Related articles under CSF (ConfigServer Security & Firewall) – LFD (Login Failure Daemon)
*WARNING* The option "WHM > Tweak Settings > Restrict outgoing SMTP to root, exim, and mailman (FKA SMTP Tweak)"
In my cpanel server, I have installed CSF as a plugin. Once all the configuration is done, i give cs [+]more