Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

cPanel CSF issue - Page 2
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

cPanel CSF issue

2»

Comments

  • geekalotgeekalot Member

    @Jar said:
    Same performance hit from blocking high number of subnets. Be careful of implying that subnet is less likely to, because you'll encourage people to add 30,000 subnets to their firewall very easily. At a certain point in that game, one should consider whitelisting over blacklisting.

    @Jar, I did not imply that he could create 30,000 subnet rules. It is more likely that someone who is blocking brute-force attempts (which is what I was addressing) is going to have 100's/1000's/10000's of IPs .... not 1000's of subnet rules.

    If you block big enough subnets, you may end up with 10, 20 rules at most.

    BTW, I fully agree that whitelisting is better than blacklisting, but that is not always possible for the specific requirement .... and not what was asked.

    Cheers

  • agoldenbergagoldenberg Member, Host Rep

    Well as it stands I'm not using csf as I can't seem to get it to work the way I want.

    I just block brute force attempts with cphulk.

Sign In or Register to comment.