My firewalld isn't working - what is the correct FirewallBackend? Please check yours for me?

That can cause extreme delays. I experienced this after the hoster moved to another network location: delays and timeouts that weren’t there before started giving trouble.

Yes, that makes no sense, you’d think, but if a network moves to another location, and that location is under higher traffic from countries like cn/ru and so on, then maybe.

I had no choice then but to switch off that country filter there; after that, no timeouts. Or give the box more resources, hmm.

I don’t understand that, while if blocked you assume less traffic, so less trouble with timeouts, but the contrary was what was really going on.

Does anyone have more info? Maybe there was more traffic overall, but not from those countries (although in the logs there wasn’t), and it had to go through the CSF country filter.

This is off-topic, but if you choose to use country filters in any firewall, think about that solution, or if you have timeouts, switch that part off to check whether it is causing the timeouts or “network” delay there.

Yup Japan and Australia are known as problematic then.

Read what you quoted about CSF Login Failure Blocking: it’s either for a specific time frame, or permanent.

Fail2Ban is far more flexible and robust:

  • It can monitor ANY type of error found in ANY log file
  • The block can be set for ANY number of failures
  • The initial time can be ANY amount of time

And, in the upcoming 0.11 release (available “out there” but coming soon to Virtualmin), the block can grow exponentially with each failure, which is very very nice.

I had a tiny server suffering from a couple dozen attacks per second. Turned on exponential-growth blocking (when reaaally bad, I let it grow to a one-month block :wink: ) and everything worked Just Fine.

Here is the Big Picture challenge: once something is blocked, in general we have no idea if we are also causing legitimate traffic to be blocked.

In fact, we’re well into a challenging new ethos for the Internet in general:

  • A long time ago, the goal was always to improve connectivity. We knew we had a long way to go. AND, we were not so worried about various attacks or unwanted messaging.

  • Now, we have a wide variety of reasons to block messages. Spam, bad actors and more.

  • However, it is impossible to tell the difference between the silence of a packet purposely dropped, vs a censorship block vs a bug!

The result: communication is rapidly becoming unreliable online.

I just finished working through three radically different reasons for non-working communication:

  • Huge volumes of email not getting through. Turns out it was an invisible block inside a major internet provider. Not listed anywhere.
  • Another pile of messaging not getting through. We saw “bounce” messages, but they were incredibly misleading, listing IPs that had no issues… The answer: an outdated country IP block, now used by a legitimate sender.
  • A few close friends who went overseas… and nothing I did got a response for months. Voice mail, texting, etc. I began to wonder if they had a medical issue. Answer: they forgot to plug their USA SIM card into the phone (didn’t have a multi-SIM phone :wink: )

Etc etc… such fun :smiley:

I’m going to bring this thread to a close. We’re far beyond the original question :slight_smile:
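The exponentially growing block mentioned in the Fail2Ban reply above can be modelled to see how quickly repeat offenders reach a one-month cap. This is an added example, not code from the thread or from Fail2Ban itself; the function names are hypothetical, and the doubling formula and option names follow the defaults documented in Fail2Ban 0.11's stock jail.conf.

```python
# Added model of Fail2Ban 0.11 incremental bans; not Fail2Ban's own code.
# Parameters mirror the jail options bantime, bantime.factor,
# bantime.multipliers and bantime.maxtime (bantime.rndtime jitter is left out).

MONTH = 30 * 24 * 3600  # the "one-month block" cap, in seconds


def ban_seconds(bantime, prior_bans, factor=1, multipliers=None, maxtime=None):
    """Ban length for an address already banned `prior_bans` times."""
    if prior_bans <= 0:
        secs = bantime  # assumption: a first ban gets the plain bantime
    elif multipliers:
        # Past the end of the list the last multiplier keeps being used.
        secs = bantime * multipliers[min(prior_bans, len(multipliers) - 1)] * factor
    else:
        # Default formula: ban.Time * (1 << min(ban.Count, 20)) * banFactor
        secs = bantime * (1 << min(prior_bans, 20)) * factor
    if maxtime is not None:
        secs = min(secs, maxtime)
    return int(secs)


def schedule(bantime, bans, **opts):
    """Ban lengths for the first `bans` consecutive bans of one address."""
    return [ban_seconds(bantime, n, **opts) for n in range(bans)]


def bans_until_cap(bantime, maxtime, limit=64, **opts):
    """Prior bans needed before the ban reaches maxtime, or None if it never does."""
    for n in range(limit):
        if ban_seconds(bantime, n, maxtime=maxtime, **opts) >= maxtime:
            return n
    return None


if __name__ == "__main__":
    # Constructed settings: 10-minute initial ban, doubling, capped at a month.
    for n, secs in enumerate(schedule(600, 15, maxtime=MONTH)):
        print(f"ban #{n + 1}: {secs / 3600:.2f} h")
    print("cap reached after", bans_until_cap(600, MONTH), "earlier bans")
```

The cap also bounds how long an address blocked by mistake stays unreachable, which is the trade-off raised in the "Big Picture" point above.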
