Page 1 of 1
DENY_IP_LIMIT
Posted: 31 Jul 2017, 22:48
by domepower
Hello,
I´ve just installed csf on my WHM Server, and was wondering how many ips can I limit on the filed DENY_IP_LIMIT so it doesn´t consumes too many memory.
Thanks in advance
Re: DENY_IP_LIMIT
Posted: 31 Jul 2017, 23:45
by sawbuck
Quoting the config file (/etc/csf/csf.conf) with the default being 1000:
"Limit the number of IP's kept in the /etc/csf/csf.deny file
Care should be taken when increasing this value on servers with low memory
resources or hard limits (such as Virtuozzo/OpenVZ) as too many rules (in the
thousands) can sometimes cause network slowdown
The value set here is the maximum number of IPs/CIDRs allowed
if the limit is reached, the entries will be rotated so that the oldest
entries (i.e. the ones at the top) will be removed and the latest is added.
The limit is only checked when using csf -d (which is what lfd also uses)
Set to 0 to disable limiting
For implementations wishing to set this value significantly higher, we
recommend using the IPSET option."