New IP External Blocklists

We are excited to announce that we just released the new Blocklists tab in the CrowdSec Console. All users can now subscribe to two of the 11 free third-party blocklists. And, if you are an Enterprise user, you have access to 3 premium blocklists with no limit to the number of blocklists you subscribe an instance to.

The Blocklists you can subscribe to

The blocklists contain IPs that come from various proxies, tor nodes, and known scanners. One of the blocklists you can find is the Firehol voipbl.org list which includes a distributed VoIP blacklist that is aimed at protecting against VoIP fraud and minimizing abuse for networks that have publicly accessible PBX’s. Another is the TOR Blocklist which contains tor exit nodes' IP addresses. You can also stay protected against IPs belonging to botnets with CrowdSec’s very own aggregated list (part of the premium blocklists). 

Bots and attackers often try to hide their malicious activities using proxies and tor nodes. Therefore, once you have subscribed to one of the blocklists, you might want to apply remediation to those IPs, either by blocking them, validating they are genuine humans via CAPTCHA, or any custom remediation you might have implemented on your bouncer.

Dive a little deeper

Before subscribing to a blocklist, you can see the number of IPs the list currently has as well as how many have been added and removed in the last month and in the last 2 days. 

All of the third-party blocklists provided were cherry-picked by the expert team at CrowdSec from reliable websites.

How to subscribe to a blocklist 

Log into the Console, and click on the new 'Blocklists' tab under Instances. Click on the ‘Subscribe’ button next to the blocklist you want. You can then select the instances from your park that you’d like to subscribe to this blocklist and then, choose what type of remediation should be applied to this blocklist.