Activate CSF Brute Force Protection for CWP Login and customize according to you needs. Replace in: /etc/csf/csf.conf (somewhere at the end of the file) CUSTOM1_LOG = "/var/log/customlog" replace with CUSTOM1_LOG = "/var/log/cwp_client_login.log" Add in: /usr/local/csf/bin/regex.custom.pm if (($globlogs{CUSTOM1_LOG}{$lgfile}) and ($line =~ /^\S+\s+\S+\s+(\S+)\s+Failed Login from:\s+(\S+) on: (\S+)/)) { return ("Failed CWP-Login login for User: $1 from IP: […]