Large Deny IP List

Post Reply
Rockyuk
Junior Member
Posts: 7
Joined: 19 Mar 2014, 07:42
Location: United Kingdom

Large Deny IP List

Post by Rockyuk »

Hi Everyone,
My Deny IP List is really starting to grow now and nearly on 1500, how high can i go with this before it starts impacting my servers performance etc?

Thanks

Rockyuk
adamreece-webbox
Junior Member
Posts: 8
Joined: 10 Jan 2017, 15:38

Re: Large Deny IP List

Post by adamreece-webbox »

Ours has gone up to 6000 before without any noticeable performance hit. (Currently floating around 2800.)

IPSET is a must have though to maintain performance, so don't do this if you're on OpenVZ/Virtuozzo.

What we also do is every quarter prune all blacklisted entries at least 6 months old, as IP addresses can be reallocated to different ISPs or customers within, so what may be malicious today may not be months later.
Post Reply