Anyone maintain an IP blacklist?

Post Reply
CanadaGuy
Junior Member
Posts: 3
Joined: 27 Oct 2021, 01:12

Anyone maintain an IP blacklist?

Post by CanadaGuy »

Hi I've done some searches and saw a few hits:

search.php?st=0&sk=t&sd=d&sr=posts&keyw ... t&start=20
viewtopic.php?p=32203&hilit=blacklist#p32203
viewtopic.php?p=32057&hilit=blacklist#p32057
viewtopic.php?p=31481&hilit=blacklist#p31481

I'm fairly new to defending my own server against attacks and thought that it would be helpful to automatically populate csf.deny with data from various blacklists. The above search results show this has been brought up a few times, but it seems the conclusion is there is too much data to effectively do that with csf (limitation of software processing?).

Can large blacklists effectively be processed with CSF or is it simply too much for the software to efficiently handle?
christopa
Junior Member
Posts: 3
Joined: 26 Sep 2020, 10:51

Re: Anyone maintain an IP blacklist?

Post by christopa »

Instead of maintain an IP blacklist, here we usually download a country IP list and block it if we detected huge abuse traffics. There are several countries like to perform security scanning.

You can download the free IP list from https://www.ip2location.com/free/visitor-blocker
Sergio
Junior Member
Posts: 1685
Joined: 12 Dec 2006, 14:56

Re: Anyone maintain an IP blacklist?

Post by Sergio »

With IPSET you can add large blacklists.
I have a 50,000 IPs max limit of blocked IPs that CSF has blocked and also I use a few large lists and servers works fine.

One list that I use most is from stopforumspam (free list to download) with about 5,500 IPs.
And the second one that I maintain on my own is with about 3,000 IPs.

So far CSF is doing a great job with large block of IPs.
Post Reply