Achieve security excellence without breaking the budget!

Download guide

CrowdSecBlocklists

Block Mass Exploitation Attempts Before They Reach Your Perimeter

Get immediate protection against active malicious IPs with CrowdSec’s actionable and real-time Blocklists.

G1 icon
Blocklist hero

Not Just Another Blocklist

  • Overblocking IPs?

    Honeypots and third-party blocklists provide insufficient updates, resulting in cleared IPs remaining on blocklists and new infections taking longer to be added.

    With a 5% daily rotation on average, you won’t get any of that with CrowdSec.

  • High False Positives?

    We shield our data against false positives and poisoning using a combination of methods, including:

    • Reporter trust score and diversity
    • Machine profiling
    • Cross-checking data sources to guarantee information consistency
    • and more…
  • No VPN/Residential Proxy Detection?

    An efficient blocklist offers more than just a list of unwanted IPs.

    We employ behavior analysis on the data collected from the CrowdSec Network to provide you with ultra-curated lists — DDoS, botnets, VPNs, residential proxies, and more — to equip you with the intelligence you need to safeguard your services.

  • Infrequent Updates?

    CrowdSec Blocklists offer an average of 5% daily rotation of IPs.

    They are updated in real time and at top priority, providing you with fresh and relevant data daily and ensuring that the list of IPs you feed to your firewall is never out of date.

CrowdSec Blocklists Are Unique

Up to 80%

reduction in security alarm volume. Measured by our customers after using CrowdSec blocklists.

0%

false positives in the CrowdSec Blocklists, thanks to our unique curation process.

36%

Of proven aggressive IPs that CrowdSec proactively blocks are unknown to any other vendor for at least a week

5%

daily rotation of malicious IPs on average in the CrowdSec Intelligence Blocklist.

7to60

days on average ahead in adding malicious IPs to our blocklists compared to others list on the market

16%

Of proven aggressive IPs that CrowdSec proactively blocks are still unknown to any other vendor for at least 15-20 days.

Wondering how we collect, analyze, and curate data?

Learn more about our data

The Crowd-Powered Intelligenceof the CrowdSec Blocklists

Blocking any and all aggressive IPs is a solid option. But blocking IPs based on unwanted behaviors that have the potential to harm your infrastructure, gives you greater flexibility and targeted protection for your perimeter.

Explore the crowd-powered and ultra-curated CrowdSec Blocklists

CrowdSec Intelligence Blocklist

Contains all IPs in our database that have been identified as actively aggressive, performing a wide variety of attacks. Proactively block these IPs if you don’t want to take any chances with malicious IPs potentially reaching your systems.

Industry and Service-Focused Attackers Blocklists

Contain IPs frequently attacking organizations in a specific sector. We currently cover Banking & Insurance, Healthcare, Hosting, MSSPs, Retail & Ecommerce, IT & Services. Block these IPs to reduce security alerts and establish a safer perimeter to protect critical systems.

Country-Focused Attackers Blocklists

Contain a CrowdSec-aggregated list of the most aggressive IPs specifically targeting entities in a specific country. Proactively block these IPs to reduce the volume of your security alerts and establish an overall safer perimeter.

High Background Noise Blocklist

Contains IPs identified as malicious or potential threats performing mass exploitation attempts contributing to your internet background noise and high volume of security alerts. Blocking these IPs can reduce your alert volume and save infrastructure resources.

HTTP Attackers Blocklists

Contain IPs that have been mainly reported for performing HTTP DoS attacks or HTTP exploitation attempts. Proactively block these IPs to prevent DoS and HTTP exploitation attempts on your systems and establish an overall safer perimeter.

Custom Blocklists

Do you need custom blocklists for specific use cases? We work with you to make sure you have the intelligence you need to safeguard your services.

Get Started in 4 Simple Steps

Reaping the benefits of proactive security without having to change a thing to your existing infrastructure is one of the biggest advantages of the CrowdSec Blocklists.

1
Log in to the CrowdSec ConsoleGet Started
2
Subscribe to the blocklist you need
3
Grab your private URL or API key for the selected blocklist
4
Integrate CrowdSec Blocklist into your firewall or CDN

Use the CrowdSec Blocklistswith Any Firewall or CDN

The CrowdSec Blocklists integrate with a large number of tools, making your security ecosystem more powerful and efficient.

  • AWS Network FirewallAWS Network Firewall
  • Azure FirewallAzure Firewall
  • (GCP) Network Firewall(GCP) Network Firewall
  • CloudflareCloudflare
  • MikroTik RouterOSMikroTik RouterOS
  • Windows FirewallWindows Firewall
  • Palo AltoPalo Alto
  • CISCOCISCO
  • FortinetFortinet
  • Check PointCheck Point