Black List – allows to always block IPs from the list.
Choose Firewall tab in the main menu then click Black List.
Use filters to show the exact list of the IPs:
- IP – allows filtering the list by IP. Enter an IP or a part of it into the input field.
- Country – allows filtering the list by country origin. Enter a country name into the input field with autocomplete. Imunify360 will show the list of IPs of the chosen country.
- Comments – allows filtering the list by comments. Enter a comment into the input field.
- Use Items per page at the page bottom right to set the number of the incidents to be shown on the page.
The following actions are available with IPs in the Black List:
- Add IP manually
- Add a country
- Add comments to IP
- Move IP from the Black List to the White List
- Remove IP manually
#How to add IP manually
To add an IP to the Black List click Add on the right side of the page.
In the pop-up choose IP tab and fill out:
- Enter IP – IP or subnet in CIDR notation
- Enter a comment – type a comment to the IP or subnet (optional)
- Enter TTL in days or hours – time to live – for how long the IP will be in the Black List.
- Choose Black List radio button
- If the server is a part of a group (see: global Black | White list management), choose Scope: Local (IP will be added to Black list on a current server) or Group (IP will be added to a group of servers and from this moment can be managed from any server in the group).
Notes
- If you add a new server in an existing group in CLN, then all IPs blacklisted for this group will be added as blacklisted to this new server.
- If you have an IP blacklisted globally, then this IP will be added to all servers belong to this group.
- All actions performed with globally blacklisted IP propagate to a whole group (all servers and IPs included in this group).
- If you remove an IP included in a group, this IP will be removed from all servers belonged to this group.
- If you change the scope from Global to Local, then this IP on a current server becomes local and is removed from other servers of this group.
- If you remove a server from a group in CLN, then all IPs blacklisted for the whole group will be removed from that server.
When done, click Add IP to confirm your action or Cancel to close the pop-up.
You will see a notification if the IP is added successfully.
If Show only manually added switcher is disabled (default setting) than IPs automatically blocked by Imunify360 without access to CAPTCHA are displayed in the Black List along with manually added IPs. They have Imunify360 in the Source column and Automatically blocked due to distributed attack in Comment column.
Note
Regardless of switched CSF off or on, blocked by Imunify360 IPs exist along with CSF deny list. Warning displayed at the top of the table says that CSF is running and can be used for blacklisting along with Imunify360.
Warning
For now, ipset supports only IPv6/64 networks
#
How to add a country manually
To add a country to the Black List, click Add on the right side of the page.
In the pop-up choose Country tab and fill out:
- Enter country – autocomplete field. Just start typing.
- Enter comment – type a comment to IP or subnet (optional).
When done, click Add Country to confirm or Cancel to close the pop-up.
You will see a notification if a country has been added successfully.
#
How to add a comment to IP
In the proper IP row click in the Comment column, type a comment and click .
To remove a comment, click and remove the text. Then click .
#
How to move IP from the Black List to the White List
To move IP from the Black List to the White List, choose proper IPs in the list (use checkboxes), click Group Actions at the top of the table and choose Move to White List in the drop-down. Then confirm the action.
To move an exact IP, just click the Cog icon in a proper IP row and choose Move to White List in the drop-down. Then confirm the action.
You will see a notification if an IP is moved to the White List successfully.
#How to remove IP from the Black List
To remove IP from the Black List, choose proper IPs in the table (use checkboxes) and click Delete permanently. Then confirm the action.
To remove an exact IP, just click Bin icon in the proper IP row. Then confirm the action.
You will see a notification if an IP is successfully removed.