GLOBAL_DENY v blacklist
GLOBAL_DENY v blacklist
Is there any difference / advantage / disadvantage to using GLOBAL_DENY rather than an entry in /etc/csf/csf.blocklists ?
-
BallyBasic79
- Junior Member
- Posts: 80
- Joined: 22 Aug 2019, 21:43
Re: GLOBAL_DENY v blacklist
Good question. I use both.
Blocklists are useful resources although often incomplete. Most blocklists are accessed via DNS so only file-based BLs can be added to CSF.
A Global list is arbitrary which means you can control it. I use a GLOBAL_DENY list to add troublesome IPs not caught by blocklists or known repeat offenders. Additionally, the Global list is an easy way to distribute these IPs to other servers I manage without the need to configure a cluster.
Those are a few notes. Others might have additional perspectives.
Blocklists are useful resources although often incomplete. Most blocklists are accessed via DNS so only file-based BLs can be added to CSF.
A Global list is arbitrary which means you can control it. I use a GLOBAL_DENY list to add troublesome IPs not caught by blocklists or known repeat offenders. Additionally, the Global list is an easy way to distribute these IPs to other servers I manage without the need to configure a cluster.
Those are a few notes. Others might have additional perspectives.