How to "permaban" IP (not just the rotating csf.deny

3 posts Page 1 of 1
pablocullen
Junior Member
Posts: 2
Joined: 28 Nov 2019, 10:15


Hi!

Absolutely love CSF its a godsend, big thanks to the dev team.

I have an issue however that i have 1 particular IP that tried to DDoS me, its from a company that offers DDoS protection so i assume this is a method they use to get customers in the door, i wont mention the name yet as i have reached out to them for comment, there may just be a glitch in their system.

So this IP i have to keep blocking every couple of days as it drops off the csf.deny list, my list was 200 long, ive increased that to 1600 but that only buys me more time and is not a permanent fix.

How could i add this somewhere so they can never connect to my server again? Ive tried via IP Tables but according to my service status iptables is not running, does CSF run its own version?

I tried starting iptables but lost access to all websites so stopped it again.

Thanks for any help provided.

Regards

Paul
tanfwc
Junior Member
Posts: 5
Joined: 18 Sep 2019, 07:52


Let you help you on this as readme is very long and you might have missed out this important feature that is available. If you run large IP deny list, remember to use ipset that will provide improvement to your server

https://download.configserver.com/csf/readme.txt
=============
If you don't want csf to rotate a particular IP in csf.deny if the line limit
is reach you can do so by adding "do not delete" within the comment field,
e.g.:

11.22.33.44 # Added because I don't like them. do not delete
=============
pablocullen
Junior Member
Posts: 2
Joined: 28 Nov 2019, 10:15


Hi, this is incredibly helpful, so CSF will ignore the line if it says "do not delete"? something beautiful about that.
3 posts Page 1 of 1