Do you have a client who says that they cannot access their sites/server and insists it’s a network issue, but their IP addresses does not seem to be blocked by csf.deny and their sites are not loading in several parts of the world with a site checker like https://www.site24x7.com/check-website-availability.html or others?
Well do I have quite the solution for you!
This morning, we verified an issue regarding a CSF/Spamhaus update in which CSF blocks any IP address that is over 188.8.131.52. This is due to a subnet that does not exist in the official list, 184.108.40.206/1:
Unfortunately, CSF will round the 220.127.116.11/1 down to 18.104.22.168/1 which will block all IP addresses above that range. To remedy this, after verifying the subnet issue is present, remove the SPAMDROP list file:
And restart CSF
Restarting CSF will generate a new (and correct) SPAMDROP list without the wonky subnet.
Now, verify the sites on the server can load now throughout the world without issue: