Author: D.Alder (26 Jan 10 10:13pm)
My server has modsecurity enabled and multiple times a day I will get emails from my system telling me the firewall (in this case iptables managed via Config Security and Firewall - an awesome product for cP{anel/WHM servers) has blocked an IP and usually because it has failed to meet the modsec ruleset standards. Usually it says an automated program visited the site and was blocked.
What I want to know is - should I be reporting these IPs to this project - I don't have any evidence they are spambots but their activity is in line with a spambot's behavior.
|