Hi!
I think it would be amazing if we could have advanced port filtering for csf.ignore file. I prefer to use this sparingly if not at all since it ignores all activity from an IP, but all too often we get requests from customers that cannot figure out which email client is causing them LFD blocks and want us to add their IP to csf.ignore. I provide the warnings about making sure all devices on that network are fully secured, monitored and scanned frequently for malicious activity, etc, but they insist (despite not even being able to figure out which is running the email client configured with invalid login details). If we could add advanced port filtering to only ignore their IP on the mail ports, then this could potentially reduce the risks with implementing such requests.
Thanks for consideration!
Advanced Port Filtering for Ignore
-
- Junior Member
- Posts: 2
- Joined: 20 Nov 2021, 08:48
Re: Advanced Port Filtering for Ignore
Here, here! I agree entirely! I use advance port filtering in csf.allow, and would LIKE to do so in csf.ignore as well if it is technically possible to make it so.
It just recently occurred to me how many IPs had accumulated in csf.allow and csf.ignore.... so I am validating them all and making sure I add advanced filtering to ALL (except mine) in csf.allow.
I get attacked many hundreds of times a day now, and since I haven't the facility to go on the OFFENSE (pursue, find, and eliminate the attackers), I would appreciate all the help I can get with the DEFENSE.
It just recently occurred to me how many IPs had accumulated in csf.allow and csf.ignore.... so I am validating them all and making sure I add advanced filtering to ALL (except mine) in csf.allow.
I get attacked many hundreds of times a day now, and since I haven't the facility to go on the OFFENSE (pursue, find, and eliminate the attackers), I would appreciate all the help I can get with the DEFENSE.