Hi Everyone,
My Deny IP List is really starting to grow now and nearly on 1500, how high can i go with this before it starts impacting my servers performance etc?
Thanks
Rockyuk
Large Deny IP List
-
- Junior Member
- Posts: 8
- Joined: 10 Jan 2017, 15:38
Re: Large Deny IP List
Ours has gone up to 6000 before without any noticeable performance hit. (Currently floating around 2800.)
IPSET is a must have though to maintain performance, so don't do this if you're on OpenVZ/Virtuozzo.
What we also do is every quarter prune all blacklisted entries at least 6 months old, as IP addresses can be reallocated to different ISPs or customers within, so what may be malicious today may not be months later.
IPSET is a must have though to maintain performance, so don't do this if you're on OpenVZ/Virtuozzo.
What we also do is every quarter prune all blacklisted entries at least 6 months old, as IP addresses can be reallocated to different ISPs or customers within, so what may be malicious today may not be months later.