What is the Difference Between SpamFirewall and Security Firewall


CleanTalk provides two firewall solutions, they use different protection methods. Also, blacklist databases are different for each firewall solution.



SpamFireWall designed to block spam-bots, this feature is included in the Anti-Spam by CleanTalk service. SpamFireWall is implemented for the following CMS:

  • WordPress
  • Joomla
  • Drupal
  • SMF
  • phpBB
  • IPS Community
  • Xenforo
  • MediaWiki
  • MODX

More details about SpamFireWall can be found here.


Security Firewall

SecurityFirewall designed to block any incoming traffic, the feature is a part of the Security and Malware Scanner by CleanTalk service. SecurityFirewall is implemented for WordPress sites only.

If you want to know more about SecurityFirewall then proceed to this page.


How CleanTalk Forms Blacklist Databases for SpamFireWall and Security Firewall


Blacklist for SpamFireWall

Blacklist for SpamFireWall depends on the global CleanTalk Anti-Spam blacklist. The list contains all the records analyzed by the system from 400 000 overall sites:

  1. An IP address that the system detected as spam. The system's decision is based on the quality and the number of requests gained from the specific IP address. Users' feedback is also taken into account.
  2. An IP subnet that contains a number of spam active IP addresses that currently above a certain threshold.
  3. An IP address added to a personal list for SpamFireWal in the CleanTalk dashboard. You can add any IP address or subnet, including the whole countries.

Please note, when a real visitor gets a SpamFireWall block (in case of a rare exception), he is still able to reach the site automatically after 1 second or by clicking the link on the blocking page.


Blacklist for Security Firewall

Security Firewall blacklist forms in accordance with the next activities detected:

  1. An IP address spotted with site attacks number above the critical or the system gain several same requests from this address on a few sites. Types of attacks:
    • Account credentials guessing tries (Brute-force)
    • XSS-attacks
    • SQL-injections
    • Exploits
  2. An IP address added to a personal list for Security Firewall in the CleanTalk dashboard.
  3. An IP address belongs to a subnet, which contains sufficient large number of IP address suitable to the 1-st paragraph.

There is no way to avoid a Security Firewall block. If you know an IP address, that should be never blocked, you can add it to your personal whitelist for Security Firewall.


Please, note, that SpamFireWall and Security Firewall blacklists are being updated online, IP addresses records are being deleted when the spam activity falls down.



Was this information helpful?

It would also be interesting