"PHP IDS Alert.Total impact: 22"

Discussion in 'General' started by Emsanator, May 7, 2022.

  1. Emsanator

    Emsanator Member

    I saw this information two days apart. I think there is an infiltration attempt from the server at the IP address "". It's only been blocked, but what can I do to prevent it from happening again? Is it enough to just block the IP address?
    (I am not using the mail server in ISPconfig.)
    Thank you.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    The attempt was successfully blocked, so why do you want to do anything? Especially as it was an attempt to attack a tomcat server on port 8080, so it can't affect ISPConfig anyway even if it would not have been blocked and it was not targeted to hack an ISPConfig system. Blocking a single Ip makes not much sense for this in my opinion, especially as there are simply too many IP's out there.
  3. Emsanator

    Emsanator Member

    I see you're right, thanks for the reply

Share This Page