Blacklist - AbuseIPdb

Post Reply
faca5
Junior Member
Posts: 1
Joined: 20 May 2017, 08:25

Blacklist - AbuseIPdb

Post by faca5 »

Hello.

We suggest to add https://www.abuseipdb.com/ to the csf.blacklist.

Thank you!
ohgoodiee
Junior Member
Posts: 2
Joined: 29 Aug 2018, 11:09

Re: Blacklist - AbuseIPdb

Post by ohgoodiee »

This seems to be the only post about abuseipdb.

There are a couple of scrips out there that can be called when lfd is triggered, but unfortunately, they fail during an attack, for example: multiple 404's in rapid procession. In that case, the script with attempt to post to abuseipdb multiple times or if it is attempting to find out if you have already posted an ip address to abuseipdb, it will time out.

It would be really great if in the future, there was a implementation into csf/lfd to where abuseipdb could download a daily list of the most abusive and placed into an ipset. Would love to see a implementation that would report offending ip's and know that it had already reported it without reporting it several times before realizing that it had already been reported.
ShaneOss
Junior Member
Posts: 5
Joined: 31 Mar 2020, 12:16

Re: Blacklist - AbuseIPdb

Post by ShaneOss »

The complete IP listing would be huge. Too big too download and keep a daily list. However you may be able to check the IPs accessing your server against AbuseIPDB and then block those...
Check out: https://github.com/ShaneOss/AbuseIPDB-cPanel-CSF
ShaneOss
Junior Member
Posts: 5
Joined: 31 Mar 2020, 12:16

Re: Blacklist - AbuseIPdb

Post by ShaneOss »

Script updated. Didn't come across correctly when the initial commit was done.
Post Reply