Page 1 of 1

Blacklist - AbuseIPdb

Posted: 20 May 2017, 08:26
by faca5
Hello.

We suggest to add https://www.abuseipdb.com/ to the csf.blacklist.

Thank you!

Re: Blacklist - AbuseIPdb

Posted: 28 Mar 2019, 07:13
by ohgoodiee
This seems to be the only post about abuseipdb.

There are a couple of scrips out there that can be called when lfd is triggered, but unfortunately, they fail during an attack, for example: multiple 404's in rapid procession. In that case, the script with attempt to post to abuseipdb multiple times or if it is attempting to find out if you have already posted an ip address to abuseipdb, it will time out.

It would be really great if in the future, there was a implementation into csf/lfd to where abuseipdb could download a daily list of the most abusive and placed into an ipset. Would love to see a implementation that would report offending ip's and know that it had already reported it without reporting it several times before realizing that it had already been reported.

Re: Blacklist - AbuseIPdb

Posted: 31 Mar 2020, 12:28
by ShaneOss
The complete IP listing would be huge. Too big too download and keep a daily list. However you may be able to check the IPs accessing your server against AbuseIPDB and then block those...
Check out: https://github.com/ShaneOss/AbuseIPDB-cPanel-CSF

Re: Blacklist - AbuseIPdb

Posted: 05 Apr 2020, 00:22
by ShaneOss
Script updated. Didn't come across correctly when the initial commit was done.