Automate Abuse Reports to ASNs, from Plesk run Logs, According to pre-defined Scenarios, and Excluding White Listed IPs
Hi,
After blocking full CIDR ranges for small to medium ISPs hackers used to attack our server, I manually block huge ranges of CIDR IPs of the big tech companies. This ISPs have so many IPs that FireWall might not be able to technically block.
I find it important, that big hosts would sweat, for hosting such hackers, and possibly not blocking them efficiently, mainly blocking payment methods they use.
Thus, I would very much would like lots of users to have an automatic tools enabling automatic Abuse reports (usign email or pre analyzed report forms), for pre-defined rules-set (i.e., all ModSEcurity 403 events? All login URL access not from white listed IP).
This would require the big tech to spend lots of money on investigating and blocking, as they would otherwise be legally exposed to knowingly allowing criminal activity to go out of their hosted servers, if same IP continues attacking, as IPs are used if they are not blocked.
EhudZ
shared this idea
Upd: Sorry, we are closing the request as no information was provided for over a month.
—
IG
-
EhudZ
commented
Plesk FW adding of CIDR IPs is extremly resource consuming.
Plesk FW should allow blocking of the entire ASN according to ASN number.