I have found that dynamic IP blocking programs such as sshguard or
fail2ban
are a CPU burden since that table needs to be refreshed as new IPs are
added
or removed so I have stopped using them.
Have you seen ipset?
https://ipset.netfilter.org/
It is built for dynamically adding/remove IP's fr
I run a personal email server. I can't emphasize enough how geofencing has
reduced the useless hacking on my email server. I only leave port 25 open to
the world. I use port 587.
I maintain a list of hosting companies that I block from using my web server
since they are just going to scrape any
