Author Topic: AbuseIP DB on centos  (Read 1325 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
AbuseIP DB on centos
« on: September 12, 2023, 12:04:44 AM »
Have anyone success use abuseIPdb in centos block the IPs that have report threshold at 10times?

It's very easy
https://www.abuseipdb.com/csf

and can activate other IP database in this file
vi /etc/csf/csf.blocklists

 I enabled all of the list, share what IP list have you enabled.
« Last Edit: September 12, 2023, 12:32:29 AM by weasam »

Offline
*****
Re: AbuseIP DB on centos
« Reply #1 on: September 12, 2023, 12:38:43 AM »
Good to be aware of. I have various RBLs in place for Postfix (SMTP) and of course CSF/LFD running server-wide, as well as WAF (web application firewalls) for each WordPress install. More tools = better, as long as we don't see huge performance hit as with looking up full country code blocks under CSF.

Offline
*****
Re: AbuseIP DB on centos
« Reply #2 on: September 12, 2023, 07:24:26 AM »
We've been using them, along with auto reporting.

Be careful how many lists you have enabled, as it can slow and possibly overload the server.

One of the the core lists that's good is DShield. Been using that list for 23 years.

Offline
*
Re: AbuseIP DB on centos
« Reply #3 on: September 13, 2023, 05:44:03 PM »
We've been using them, along with auto reporting.

Be careful how many lists you have enabled, as it can slow and possibly overload the server.

One of the the core lists that's good is DShield. Been using that list for 23 years.

I running all list enable. I found that is will slow the server definitely as you described. So I should consider one or two list enable and use AbuseIPdb auto-script  to contribute reports.  Thanks all of you reply