ConfigServer Community Forum

Hi I've done some searches and saw a few hits:

search.php?st=0&sk=t&sd=d&sr=posts&keyw ... t&start=20
viewtopic.php?p=32203&hilit=blacklist#p32203
viewtopic.php?p=32057&hilit=blacklist#p32057
viewtopic.php?p=31481&hilit=blacklist#p31481

I'm fairly new to defending my own server against attacks and thought that it would be helpful to automatically populate csf.deny with data from various blacklists. The above search results show this has been brought up a few times, but it seems the conclusion is there is too much data to effectively do that with csf (limitation of software processing?).

Can large blacklists effectively be processed with CSF or is it simply too much for the software to efficiently handle?

Instead of maintain an IP blacklist, here we usually download a country IP list and block it if we detected huge abuse traffics. There are several countries like to perform security scanning.

You can download the free IP list from https://www.ip2location.com/free/visitor-blocker

With IPSET you can add large blacklists.
I have a 50,000 IPs max limit of blocked IPs that CSF has blocked and also I use a few large lists and servers works fine.

One list that I use most is from stopforumspam (free list to download) with about 5,500 IPs.
And the second one that I maintain on my own is with about 3,000 IPs.

So far CSF is doing a great job with large block of IPs.