Prevent the Brute Force Monitor from reporting a specific email address


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » DirectAdmin

Prevent the Brute Force Monitor from reporting a specific email addressLast Modified: May 30, 2012, 12:08 am
If you're using the Brute Force Montior (BFM) and have an email address that is repeatedly checking your server, but that account is invalid (either wrong password, or non-existant account), and you know that the person doing it is not malicious, but only stubborn for not updating their settings, then you can tell the BFM to skip that email address from being checked.

To do this, create the following custom script:

nano /usr/local/directadmin/scripts/custom/brute_force_notify_pre.sh

and in that script, add the following code:

#!/bin/sh
if [ "$type" = "User" ]; then
   if [ "$value" = "your@email.com" ]; then
       echo "exempt your@email.com";
       exit 1;
   fi
fi
exit 0;

then chmod the script to 755:

chmod 755 /usr/local/directadmin/scripts/custom/brute_force_notify_pre.sh

Note that this will only prevent reports for users/emails being reported.  It will not prevent the blocking IPs, as the IP could be "attacking" some other account as well.
 
Related Helpfiles
I trust my brute force attack blocking system, I don't need to see all of the BFM messages.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST