DENY_IP_LIMIT

Post Reply
domepower
Junior Member
Posts: 1
Joined: 31 Jul 2017, 22:43

DENY_IP_LIMIT

Post by domepower »

Hello,

I´ve just installed csf on my WHM Server, and was wondering how many ips can I limit on the filed DENY_IP_LIMIT so it doesn´t consumes too many memory.

Thanks in advance
sawbuck
Junior Member
Posts: 366
Joined: 10 Dec 2006, 16:20

Re: DENY_IP_LIMIT

Post by sawbuck »

Quoting the config file (/etc/csf/csf.conf) with the default being 1000:

"Limit the number of IP's kept in the /etc/csf/csf.deny file

Care should be taken when increasing this value on servers with low memory
resources or hard limits (such as Virtuozzo/OpenVZ) as too many rules (in the
thousands) can sometimes cause network slowdown

The value set here is the maximum number of IPs/CIDRs allowed
if the limit is reached, the entries will be rotated so that the oldest
entries (i.e. the ones at the top) will be removed and the latest is added.
The limit is only checked when using csf -d (which is what lfd also uses)
Set to 0 to disable limiting

For implementations wishing to set this value significantly higher, we
recommend using the IPSET option."
Post Reply