Hello.
We suggest to add https://www.abuseipdb.com/ to the csf.blacklist.
Thank you!
Blacklist - AbuseIPdb
Re: Blacklist - AbuseIPdb
This seems to be the only post about abuseipdb.
There are a couple of scrips out there that can be called when lfd is triggered, but unfortunately, they fail during an attack, for example: multiple 404's in rapid procession. In that case, the script with attempt to post to abuseipdb multiple times or if it is attempting to find out if you have already posted an ip address to abuseipdb, it will time out.
It would be really great if in the future, there was a implementation into csf/lfd to where abuseipdb could download a daily list of the most abusive and placed into an ipset. Would love to see a implementation that would report offending ip's and know that it had already reported it without reporting it several times before realizing that it had already been reported.
There are a couple of scrips out there that can be called when lfd is triggered, but unfortunately, they fail during an attack, for example: multiple 404's in rapid procession. In that case, the script with attempt to post to abuseipdb multiple times or if it is attempting to find out if you have already posted an ip address to abuseipdb, it will time out.
It would be really great if in the future, there was a implementation into csf/lfd to where abuseipdb could download a daily list of the most abusive and placed into an ipset. Would love to see a implementation that would report offending ip's and know that it had already reported it without reporting it several times before realizing that it had already been reported.
Re: Blacklist - AbuseIPdb
The complete IP listing would be huge. Too big too download and keep a daily list. However you may be able to check the IPs accessing your server against AbuseIPDB and then block those...
Check out: https://github.com/ShaneOss/AbuseIPDB-cPanel-CSF
Check out: https://github.com/ShaneOss/AbuseIPDB-cPanel-CSF
Re: Blacklist - AbuseIPdb
Script updated. Didn't come across correctly when the initial commit was done.