CSF Firewall Deny IPs
Is there a way to add IP's to the Deny IPs list programmatically?
I have a list of IP addresses that I block from the server that is dynamically generated daily. It doesn't change often, normally about once a week. The list generates automatically then I receive an email if any IP's have changed.
At that point I manually add them through the WHM interface to the Deny IPs list. Is there a command I can run via SSH or anything to add them so I can automate my process?
Thanks!
-
Hello, I believe you can add them to the csf.deny file as documented in the CSF README: Keep in mind that CSF is a third-party application. You can find their support forums at: Thank you. 0 -
Having never done this, I'm not overly qualified to comment. However if your'e not aware, CSF has a 'LFD Blocklist' feature where it can connect and download pre-determined blocklists. Could you not create a custom blocklist and point this to your own file ? Each block list must be listed on per line: as NAME|INTERVAL|MAX|URL # NAME : List name with all uppercase alphabetic characters with no # spaces and a maximum of 9 characters - this will be used as the # iptables chain name # INTERVAL: Refresh interval to download the list, must be a minimum of 3600 # seconds (an hour), but 86400 (a day) should be more than enough # MAX : This is the maximum number of IP addresses to use from the list, # a value of 0 means all IPs # URL : The URL to download the list from #MYLIST #Details: http://mysite.com MYLIST|86400|0|http://www.mydomain.com/block.txt0
Please sign in to leave a comment.
Comments
2 comments