search

imthenachoman / How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.
Creative Commons Attribution Share Alike 4.0 International
17.34k stars 1.11k forks source link

UFW automatic blacklist rules #109

Closed moltenbit closed 11 months ago

moltenbit commented 11 months ago

Implemented automatic download of blacklist from IPSum and automatic import of rules with UFW.

imthenachoman commented 11 months ago

Why close this? You don't want me to merge it? It looks nice!

moltenbit commented 11 months ago

Why close this? You don't want me to merge it? It looks nice!

I've noticed adding rules this way is extremely slow. We could either limit the number of blocked IPs (IPsum has prepared lists with levels, on how many blacklists an IP appears and we could use a high level) or I could prepare a PR with ipset, which I have implemented on my server after noticing the slowness.