Discover CrowdSec’s Free Third-Party Blocklists

In case you missed it, we recently announced the new Blocklists Catalog in the CrowdSec Console. In the catalog, you can find several blocklists centralized in one place, including third-party blocklists that are free to all users. 

All users on the CrowdSec Console can subscribe their Security Engines to third-party blocklists to secure their systems against VoIP fraud, botnets, and more.

Let’s explore those blocklists a little further. 

The blocklists you can subscribe to

The third-party blocklists contain IPs from various proxies, Tor nodes, and known scanners. One of the blocklists you can find is the Firehol blocklist which includes a distributed VoIP blocklist aimed at protecting against VoIP fraud and minimizing abuse for networks that have publicly accessible PBX’s. 

Another is the Tor blocklist, which contains the IP addresses of Tor exit nodes. You can also stay protected against IPs belonging to botnets with CrowdSec’s aggregated list (part of the premium blocklists). 

Bots and attackers often try to hide their malicious activities using proxies and tor nodes. Therefore, once you have subscribed to one of the blocklists, you might want to apply remediation to those IPs, either by blocking them, validating they are genuine humans via CAPTCHA, or any custom remediation you might have implemented on your Remediation Component.

Check out the details

Before subscribing to a blocklist, you can see the number of IPs the list currently has, as well as when it was last updated and the number of CrowdSec users subscribed to that blocklist. 

Where do these blocklists come from?

All of the third-party blocklists provided were cherry-picked by the expert team at CrowdSec from reliable websites. The lists were loaded into the CrowdSec database, compared to our own CTI, and ran through our system to filter out any possible false positives. 

CrowdSec also offers premium and platinum blocklists aggregated from our own data, which comes from 70,000+ real users sharing their signals in over 190 countries. You can learn more about how we collect and curate our data here

Our community is a powerful and important part of CrowdSec. We strongly stand by our motto, “Safer Together.” If you have a blocklist you would like to share with your fellow community members, you can contact us at, and we will gladly add it to the third-party blocklist group. 

How to subscribe to a blocklist 

Check out the detailed documentation on how to subscribe to any of our blocklists, including third-party, premium, and platinum ones. You can also see an example of how to subscribe to a blocklist in the video below. 

How to Subscribe a Third-Party Blocklist to Either a Security Engine or an Integration

Subscribe to a Blocklists

Sing in to the CrowdSec Console, explore our list of third-party blocklists, and subscribe for free.

Explore blocklists

You may also like

Streamlining ELK Stack with CrowdSec via Syslog
Product Updates

Streamlining ELK Stack with CrowdSec via Syslog

By integrating CrowdSec with the ELK stack via Syslog, you can enhance your security monitoring capabilities and bolster your threat detection mechanisms.

Enabling Threat Hunting and Analysis with the Revamped CrowdSec CTI Report
Product Updates

Enabling Threat Hunting and Analysis with the Revamped CrowdSec CTI Report

We are introducing a much-needed revamp of the CrowdSec CTI report to empower threat hunters and analysts to swiftly locate vital threat information.

Explore CrowdSec Blocklists with the New Blocklist Catalog
Product Updates

Explore CrowdSec Blocklists with the New Blocklist Catalog

Introducing a centralized hub to explore and compare the CrowdSec Blocklists, helping you select the most relevant to your security needs.