• For more information see the original Authors site: https://www.webniraj.com/2018/10/21/auto-reporting-lfd-block-reports-to-abuse-ip-db/

    The below with your abuseipdb.com API key and username makes this easy to implement on any CSF server with LFD also installed which is the default.

    YOUR_API_KEY="longRedactedApiKeyGoesHere";
    YOUR_USER_ID="yourAbuseIpDBUsernamegoeshere"
    cat >> /etc/csf/csf.blocklists <<EOL
    # AbuseIPDB blacklist
    # Details: https://docs.abuseipdb.com/#blacklist-endpoint
    ABUSEIPDB|86400|10000|https://api.abuseipdb.com/api/v2/blacklist?&key=${YOUR_API_KEY}&plaintext
    EOL
    tail -3 /etc/csf/csf.blocklists
    wget -O /root/abuseabuseipdb_report.php https://gitlab.com/snippets/1981817/raw
    chmod +x /root/abuseabuseipdb_report.php
    sed -i 's|^BLOCK_REPORT =.*|BLOCK_REPORT = "/root/abuseabuseipdb_report.php"|g' /etc/csf/csf.conf
    sed -i -e "s|YOUR_API_KEY|$YOUR_API_KEY|g" -e "s|YOUR_USER_ID|$YOUR_USER_ID|g" /root/abuseabuseipdb_report.php
    csf -ra;
    grep BLOCK_REPORT /etc/csf/csf.conf
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment