Site Tools



What is Blocklist?

Configure your host to send blocked IPs to Blocklist


Register on the website and create a new server.


Edit your jail.local (Fail2Ban) to send the IPs and logs via mail to Blocklist

enabled  = true
port     = ssh
filter   = sshd
action   = iptables[name=SSH, port=ssh, protocol=tcp]
           sendmail-whois-lines[name=SSH, dest="[email protected],<[email protected]>", sender=fail2ban@<>, sendername="Fail2Ban", logpath=/var/log/auth.log]
logpath  = /var/log/auth.log
maxretry = 3


There are no logs included in the mail

You might see something like the following in your mails

Lines containing IP: in /dev/null

Make sure that the correct logpath is included inside the “sendmail-whois-lines[]” brackets.

There are attacks but no reports

You dont see a report if the provider already received an abusemail in the last 24h, you can check all the reports for a specific IP by clicking on the “man-with-hat”-icon

You also need to send a specific amount of logfileentries in order to prove the abusive behaviour

linux/ubuntu/blocklist.txt · Last modified: 2019/02/12 12:00 by lunetikk