YOUR_API_KEY="longRedactedApiKeyGoesHere";
YOUR_USER_ID="yourAbuseIpDBUsernamegoeshere"
cat >> /etc/csf/csf.blocklists <<EOL
# AbuseIPDB blacklist
# Details: https://docs.abuseipdb.com/#blacklist-endpoint
ABUSEIPDB|86400|10000|https://api.abuseipdb.com/api/v2/blacklist?&key=${YOUR_API_KEY}&plaintext
EOL
tail -3 /etc/csf/csf.blocklists
wget -O /root/abuseabuseipdb_report.php https://gitlab.com/snippets/1981817/raw
chmod +x /root/abuseabuseipdb_report.php
sed -i 's|^BLOCK_REPORT =.*|BLOCK_REPORT = "/root/abuseabuseipdb_report.php"|g' /etc/csf/csf.conf
sed -i -e "s|YOUR_API_KEY|$YOUR_API_KEY|g" -e "s|YOUR_USER_ID|$YOUR_USER_ID|g" /root/abuseabuseipdb_report.php
csf -ra;
grep BLOCK_REPORT /etc/csf/csf.conf

For more information see the original Authors site: [`https://www.webniraj.com/2018/10/21/auto-reporting-lfd-block-reports-to-abuse-ip-db/`](url) The below with your abuseipdb.com API key and username makes this easy to implement on any CSF server with LFD also installed which is the default. ``` YOUR_API_KEY="longRedactedApiKeyGoesHere"; YOUR_USER_ID="yourAbuseIpDBUsernamegoeshere" cat >> /etc/csf/csf.blocklists <<EOL # AbuseIPDB blacklist # Details: https://docs.abuseipdb.com/#blacklist-endpoint ABUSEIPDB|86400|10000|https://api.abuseipdb.com/api/v2/blacklist?&key=${YOUR_API_KEY}&plaintext EOL tail -3 /etc/csf/csf.blocklists wget -O /root/abuseabuseipdb_report.php https://gitlab.com/snippets/1981817/raw chmod +x /root/abuseabuseipdb_report.php sed -i 's|^BLOCK_REPORT =.*|BLOCK_REPORT = "/root/abuseabuseipdb_report.php"|g' /etc/csf/csf.conf sed -i -e "s|YOUR_API_KEY|$YOUR_API_KEY|g" -e "s|YOUR_USER_ID|$YOUR_USER_ID|g" /root/abuseabuseipdb_report.php csf -ra; grep BLOCK_REPORT /etc/csf/csf.conf ```