CSF Firewall Login Failure Blocking and Alerts
LF_SSHD, F_FTPD || LF_SMTPAUTH, LF_POP3D, LF_IMAPD || LF_HTACCESS, LF_CPANEL




SSH FTP
LF_SSHD, F_FTPD

LT_POP3D = value

In the place of value if you replace with a number then the failed POP3 login attempt times per hour per account per IP address is greater than the IP gets blocked. Put the value to zero to disable the option. Please keep in mind that the IP is blocked temporarily and it automatically unblocks after an hour!

LT_IMAPD = value

CSF will check the value corresponding to the LT_IMAPD and compare it the number of IMAP login failure and if the failure count is greater than the value mentioned hen the IP will be blocked. Using a high number is recommended other than putting zero as (0=option as disabled). Since this is the temporary block for an hour after that the IP will be unblocked!

-------------------------------------------------------------------




POP IMAP
LF_SMTPAUTH, LF_POP3D, LF_IMAPD

LF_SSHD = value
LF_SSHD_PERM = value
These are the option in CSF to enabled to detect the login failure for sshd connections to the server.

LF_FTPD = value
LF_FTPD_PERM = value
This option is enabled to check the login failure of ftp connections, compare the value with the login failure count and if the login failure is greater corresponding IP will be blocked.

-------------------------------------------------------------------



Cpanel Webmail Protect Directory

LF_HTACCESS, LF_CPANEL

LF_SMTPAUTH = value
LF_SMTPAUTH_PERM = value
This parameter in the CSF will check the login failure of SMTP AUTH connections and the failure counts gets higher than the value set then the IP gets blocked.

LF_POP3D = value
LF_POP3D_PERM = value
This option is enabled to check the login failure of pop3 connections to the server.

LF_IMAPD = value
LF_IMAPD_PERM = value
Through this option enabled the CSF will check the login failure of imap connections to the server.