csf.deny ip address deny limit
Re: csf.deny ip address deny limit
Thank you
Re: csf.deny ip address deny limit
Sorry for butting in but a question the Include /path_to_ip_file/blacklistip.txt
is there a limit of IPs I can have in that file or do I have to keep it under 1,000 each
Include?
thanks
Mitch
is there a limit of IPs I can have in that file or do I have to keep it under 1,000 each
Include?
thanks
Mitch
Re: csf.deny ip address deny limit
Thanks for your reply,puppet wrote:You don't need to put all the IPs to one file. You can put those IPs to a seperate file then add an include to csf.deny like follows:ovan wrote:How to put more than 1K IPs in csf.denypuppet wrote:I've put over 10K IPs in several text files and included in the csf.deny file on several cpanel servers more than 2 weeks without issue so far. Those servers have 5GB memory and 4 vcpus. I am afraid to add more IPs to the iptables.
because i saw in the csf from cpanel plugin is only 1K, and if any other IPs got blocked, will remove the ldest IPs blocked
Include /path_to_ip_file/blacklistip.txt
how to put an include to csf.deny, i mean where should i put the include syntax.?
is there any impact to the overall system.? such as a decrease in performance or higher CPU/Memory load
Re: csf.deny ip address deny limit
finally.... i/ve made change in DENY_IP_LIMIT which Recommended range: 10-1000 (Default: 200), i set it to 2000 
case closed
case closed
Re: csf.deny ip address deny limit
I am sort of having almost the same problem. It must be a bug:
I have this:
Edit csf.allow, the IP address allow file (Currently: 70 permanent IP allows)
Edit csf.deny, the IP address deny file (Currently: 1010 permanent IP bans)
And my DENY_IP_LIMIT is 800 and my DENY_TEMP_IP_LIMIT is 200
What happens is when I have more then 1000 IPs in total I am not able to make changes in the GUI in "Firewall Deny IPs", when I click "Save" nothing is saved and CSF/LFD is not restarted.
So the bug only seem to happen when making manual changes in the GUI to the IPs in "Firewall Deny IPs", it just does not work if you have more then 1000 IPs.
Does anyone know a work around on this problem?
I have this:
Edit csf.allow, the IP address allow file (Currently: 70 permanent IP allows)
Edit csf.deny, the IP address deny file (Currently: 1010 permanent IP bans)
And my DENY_IP_LIMIT is 800 and my DENY_TEMP_IP_LIMIT is 200
What happens is when I have more then 1000 IPs in total I am not able to make changes in the GUI in "Firewall Deny IPs", when I click "Save" nothing is saved and CSF/LFD is not restarted.
So the bug only seem to happen when making manual changes in the GUI to the IPs in "Firewall Deny IPs", it just does not work if you have more then 1000 IPs.
Does anyone know a work around on this problem?