Hi all
I keep getting the "Suspicious process running under user" email from CSF.
I know that I can modify the pignore (ignore process) file in CSF, but for this particular issue, it is relevant only to a specific file - a log file that is taking too long to upload to external backup repository (Dropbox). The reason it's taking too long is a separate issue (that I am working to solve) and that will ultimately stop the emails.....
However, meanwhile, I would like some help on writing the correct Perl syntax, that I can add to the file ignore (csf.fignore) in CSF so that I no longer get the Suspicious process emails, where the log file is referenced.
The full path of the log file is as follows;
/home/userxyz/public_html/wp-content/infinitewp/backups/log.1234567abcdef.txt
The prefix and suffix changes due to user and log file name change - so I need some wildcards to ignore the first and last part of the string will be ignored e.g.
*/infinitewp/backups/log.*.txt
Here is what I have tried in the fignore file, but it is not working (I am still getting the emails)
*\/wp-content\/infinitewp\/backups\/log.*\.txt
I created this using the Regex Tester and Debugger Online - Javascript, PCRE, PHP reg ex debugger - where it seemed to be valid, but not working with CSF.
Thanks for any help!
I keep getting the "Suspicious process running under user" email from CSF.
I know that I can modify the pignore (ignore process) file in CSF, but for this particular issue, it is relevant only to a specific file - a log file that is taking too long to upload to external backup repository (Dropbox). The reason it's taking too long is a separate issue (that I am working to solve) and that will ultimately stop the emails.....
However, meanwhile, I would like some help on writing the correct Perl syntax, that I can add to the file ignore (csf.fignore) in CSF so that I no longer get the Suspicious process emails, where the log file is referenced.
The full path of the log file is as follows;
/home/userxyz/public_html/wp-content/infinitewp/backups/log.1234567abcdef.txt
The prefix and suffix changes due to user and log file name change - so I need some wildcards to ignore the first and last part of the string will be ignored e.g.
*/infinitewp/backups/log.*.txt
Here is what I have tried in the fignore file, but it is not working (I am still getting the emails)
*\/wp-content\/infinitewp\/backups\/log.*\.txt
I created this using the Regex Tester and Debugger Online - Javascript, PCRE, PHP reg ex debugger - where it seemed to be valid, but not working with CSF.
Thanks for any help!
