blocking IPV6 ip addresses
Posted: 30 May 2020, 06:17
Hello
I have two related questions if you could answer, I would be very grateful;
1) I am using Mod security as well as CSV on my Apache Centos server. I have been getting some IPV6 attacks and mod security is adding them to the mod security block just fine - but how can I manually add the offending IPV6 address into CSF? For example this one: 2a03:6f00:1::5c35:601e - when I try to add it I get the error: deny failed: [2a03:6f00:1::5c35:601e] is valid IPv6 but IPV6 is not enabled in csf.conf
Is there some instruction on best practice for enabling IPV6 in the conf ? I would like to understand the potential impacts. I googled it, but there is not much info I could find that was clear in terms of what config settings to use.
2) since modsec is in use and blocking some (abusive) IPs - is it necessary to also add these ips into CSF? This applies to both ipv4 and ipv6.
Thanks
I have two related questions if you could answer, I would be very grateful;
1) I am using Mod security as well as CSV on my Apache Centos server. I have been getting some IPV6 attacks and mod security is adding them to the mod security block just fine - but how can I manually add the offending IPV6 address into CSF? For example this one: 2a03:6f00:1::5c35:601e - when I try to add it I get the error: deny failed: [2a03:6f00:1::5c35:601e] is valid IPv6 but IPV6 is not enabled in csf.conf
Is there some instruction on best practice for enabling IPV6 in the conf ? I would like to understand the potential impacts. I googled it, but there is not much info I could find that was clear in terms of what config settings to use.
2) since modsec is in use and blocking some (abusive) IPs - is it necessary to also add these ips into CSF? This applies to both ipv4 and ipv6.
Thanks