Adding to CSF's Temporary Deny via PHP

[GoWilkes]

I'm using CSF (ConfigServer Firewall). Can you guys suggest a way to add an IP to the Temporary Deny list from a user's PHP?

I know how to do it with the CSF GUI and by SSH, but I'm hoping to figure out a way to add IPs that try to access certain pages that don't exist (like "wp-login.php"). Some of my hosting clients use Wordpress, though, so I can't block ALL references to it; just from my own personal sites that are much higher in traffic and don't use Wordpress.

I'm currently adding IPs to a database that try to access specific pages, and then pages look up user's IP, compares it to the database, and if it's found they get a Forbidden error. But it would be great to block them at the firewall.

 

[fuzzylogic]

If this is correct,

and if it's found they get a Forbidden error.

then you are 90% there already.
CSF has configuration settings to manage how to add IPs to the firewall that repeatedly generate 403 http status with their requests.
These settings are used by a LFD action to set Number of 403s to trigger and to set Permanent Block or Temp block with period.
Search CSF configuration page for...
LF_APACHE_403
LF_APACHE_403_PERM
LF_INTERVAL
for usage instructions.

Perhaps post a sample entry from apache's error_log of an ip in your database generating a 403 status to see if its likely to be a candidate for the LF_APACHE_403 action.
Anonymize the server ip and client ip.

 

[cPanelMichael]

Hello @GoWilkes,

Let us know if the information in the previous post helps.

Thank you.