hello, my apache error.log is growing insane since i messed up my template through that i discovered that there a several ips browsing to the ipconfig login and are still getting errors. Code: [Fri Jan 08 14:32:49 2010] [error] [client 202.59.152.155] PHP Strict Standards: Non-static method vlibTemplateError::raiseError() should not be called statically, assuming $this from incompatible context in /usr/local/ispconfig/interface/lib/classes/tpl.inc.php on line 161 i counted all ips in the error.log and within 1 hour i got this: Code: 216x 119.47.82.112 202x 125.224.195.164 376x 202.59.152.155 308x 67.215.241.234 i looked up the ip adresses, 3 of them are from china and 1 is from the usa. are those guys trying to bruteforce my ispconfig login?
Fail2ban You can block that in fail2ban conf. They (China, ru, etc...) never stop bruteforce, you can slow them down. I ban for 1 hour for 6 wrong password trys. You can add the ip to permanent ban, beware that clients and yourself can be banned too.
thanks, i found also lines with those CONNECT, can anyone tell me what those lines mean? ( 20100108-access.log ) Code: 202.59.152.155 - - [08/Jan/2010:05:48:27 +0100] "CONNECT 61.222.251.180:25 HTTP/1.0" 200 306 "-" "-" 202.59.152.155 - - [08/Jan/2010:05:48:27 +0100] "CONNECT 65.55.92.136:25 HTTP/1.0" 200 306 "-" "-"
