Page 2 of 2
Re: Permanently Block IP or CIDR
Posted: 09 Aug 2016, 05:55
by Sergio
There is no tip about to block an IP out of csf.deny, since a long time ago you can use;
vvv.xxx.yyy.zzz. #do not delete
when blocking an IP that you don't want to be deleted, I recommend you to check the readme file it has a lot of info about CSF.
Re: Permanently Block IP or CIDR
Posted: 10 Apr 2017, 14:56
by ssh2site
@halimzhz This is probably the link:
https://blog.configserver.com/?p=398
Re: Permanently Block IP or CIDR
Posted: 16 May 2017, 22:36
by nigelpeck
Sorry for the duplicate post here; I hadn't noticed that this thread has a second page. I can't delete the post but perhaps a mod can do that. Thanks.
halimzhz wrote: ↑09 Aug 2016, 03:14
I understand this is the old thread, i try to refer to the link above but theres nothing about where i can get the tip to permanent block the IP instead of csf.deny
Just updating this thread so all the info is here. I've been looking at this, and it seems that what this thread is referring to is the ability to make a ban permanent in the csf.deny file. The comments in that file make it clear:
Code: Select all
# Note: If you add the text "do not delete" to the comments of an entry then
# DENY_IP_LIMIT will ignore those entries and not remove them
So that seems to explain it. If you want to permanently ban an IP, just add "do not delete" in a comment against that IP, which would go on the same line after a `#`, something like this: