Do you have a client who says that they cannot access their sites/server and insists it’s a network issue, but their IP addresses does not seem to be blocked by csf.deny and their sites are not loading in several parts of the world with a site checker like https://www.site24x7.com/check-website-availability.html or others?
Well do I have quite the solution for you!
This morning, we verified an issue regarding a CSF/Spamhaus update in which CSF blocks any IP address that is over 18.104.22.168. This is due to a subnet that does not exist in the official list, 22.214.171.124/1:
Unfortunately, CSF will round the 126.96.36.199/1 down to 188.8.131.52/1 which will block all IP addresses above that range. To remedy this, after verifying the subnet issue is present, remove the SPAMDROP list file:
And restart CSF
Restarting CSF will generate a new (and correct) SPAMDROP list without the wonky subnet.
Now, verify the sites on the server can load now throughout the world without issue: