Thread: BFD Limit

  1. #1

    BFD Limit


    I've configured BFD to automatically email me and drop connections using iptables when someone attempts 15 failed logins.

    This is working fine but it does not block after 15 logins - it can be anything up to 70+ failed logins before it kicks in:

    SOURCE ADDRESS: ***.***.***.179
    EXECUTED COMMAND: /sbin/iptables -A INPUT -s ***.***.***.179 -j DROP

    Is there any reason why it takes so long and can I speed it up?



  2. #2
    BFD runs on a Cron job every 8-10 minutes, so once they reach the 15 login limit this will trigger BFD to block that IP on the next cron run, which may be run in 7 minutes' time, which would then give them time to log in 70+ times.

    Change the Cron to run every minute - location: /etc/cron.d/bfd

  3. #3
    Greetings Tom:

    1. Even at 1 minute interval checks, an automated attacker can get in a score or more attempts before a block.

    2. There's going to be a trade-off between frequency of running BFD (resource utilization) and #1.

    Typically the default works best; but as shared above, feel free to modify.

    Thank you.
    Peter M. Abraham

  4. #4
    Originally posted by Tomdarkness:
    EXECUTED COMMAND: /sbin/iptables -A INPUT -s ***.***.***.179 -j DROP
    To block an IP, you should use Insert, not Append:

    EXECUTED COMMAND: /sbin/iptables -I INPUT -s ***.***.***.179 -j DROP
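
Added example (not code from any poster in this thread): iptables walks a chain top to bottom and stops at the first matching ACCEPT or DROP, so a block added with -A can sit behind an earlier ACCEPT, while -I places it at the head of the chain. The script checks `iptables -S INPUT` output for that condition; the rule listings and the 203.0.113.179 address are constructed samples, and the check is a heuristic that only considers ACCEPT rules with no `-s` match.

```shell
# Constructed `iptables -S INPUT` listings (not from the thread).
# 203.0.113.179 is a documentation address standing in for the masked IP.
# Chain after `iptables -A INPUT -s 203.0.113.179 -j DROP` (rule lands last).
appended_rules() {
cat <<'EOF'
-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 203.0.113.179/32 -j DROP
EOF
}

# Chain after `iptables -I INPUT -s 203.0.113.179 -j DROP` (rule lands first).
inserted_rules() {
cat <<'EOF'
-P INPUT DROP
-A INPUT -s 203.0.113.179/32 -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
EOF
}

# block_status IP: reads `iptables -S INPUT` text on stdin and prints
#   missing   - no DROP rule for IP
#   shadowed  - an ACCEPT rule without a source match precedes the DROP
#   effective - the DROP is reached before any such ACCEPT
block_status() {
    awk -v ip="$1" '
        $1 != "-A" || found { next }      # skip policy lines; stop after first DROP for ip
        {
            src = ""; target = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            sub(/\/32$/, "", src)         # iptables -S prints single hosts as a.b.c.d/32
            if (target == "ACCEPT" && src == "") accepts++
            if (target == "DROP" && src == ip) found = 1
        }
        END {
            if (!found)           print "missing"
            else if (accepts > 0) print "shadowed"
            else                  print "effective"
        }
    '
}

echo "append: $(appended_rules | block_status 203.0.113.179)"
echo "insert: $(inserted_rules | block_status 203.0.113.179)"
```

On a live host, pipe the real chain into the function as root: `iptables -S INPUT | block_status <ip>`.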

  5. #5
    CSF blocks immediately, perhaps consider switching; you won't be sorry.
