On Sun, Feb 5, 2012 at 12:56 PM, lucas kauffman
wrote:
> Hello,
>
> I'm quite new to OSSEC, and there are two things I can't find out:
>
> How do I increase the frequency of the rule when someone is blocked because
> of a 400 error (failed to login through htaccess in Apache2). I looked for
> the
On 02/05/2012 11:56 AM, lucas kauffman wrote:
>
> Also if an IP is blocked, how can I unblock it through ossec ? Or do I
> have to do it manually and delete the entries for hosts.deny and iptables ?
OSSEC will unblock automatically, based on the timeout parameter in
ossec.conf or you your local
Hello,
I'm quite new to OSSEC, and there are two things I can't find out:
How do I increase the frequency of the rule when someone is blocked because
of a 400 error (failed to login through htaccess in Apache2). I looked for
the rule, but it doesn't show a frequency, is there a default frequency