What is the Difference Between SpamFirewall and Security Firewall
CleanTalk provides two firewall solutions, they use different protection methods. Also, blacklist databases are different for each firewall solution.
SpamFireWall
SpamFireWall designed to block spam-bots, this feature is included in the Anti-Spam by CleanTalk service. SpamFireWall is implemented for the following CMS:
- WordPress
- Joomla
- Drupal
- SMF
- BITRIX
- phpBB
- IPS Community
- Xenforo
- MediaWiki
- MODX
More details about SpamFireWall can be found here.
Security Firewall
SecurityFirewall designed to block any incoming traffic, the feature is a part of the Security and Malware Scanner by CleanTalk service. SecurityFirewall is implemented for WordPress sites only.
If you want to know more about SecurityFirewall then proceed to this page.
How CleanTalk Forms Blacklist Databases for SpamFireWall and Security Firewall
Blacklist for SpamFireWall
Blacklist for SpamFireWall depends on the global CleanTalk Anti-Spam blacklist. The list contains all the records analyzed by the system from 400 000 overall sites:
- An IP address that the system detected as spam. The system's decision is based on the quality and the number of requests gained from the specific IP address. Users' feedback is also taken into account.
- An IP subnet that contains a number of spam active IP addresses that currently above a certain threshold.
- An IP address added to a personal list for SpamFireWal in the CleanTalk dashboard. You can add any IP address or subnet, including the whole countries.
Please note, when a real visitor gets a SpamFireWall block (in case of a rare exception), he is still able to reach the site automatically after 1 second or by clicking the link on the blocking page.
Blacklist for Security Firewall
Security Firewall blacklist forms in accordance with the next activities detected:
- An IP address spotted with site attacks number above the critical or the system gain several same requests from this address on a few sites. Types of attacks:
- Account credentials guessing tries (Brute-force)
- XSS-attacks
- SQL-injections
- Exploits
- An IP address added to a personal list for Security Firewall in the CleanTalk dashboard.
- An IP address belongs to a subnet, which contains sufficient large number of IP address suitable to the 1-st paragraph.
There is no way to avoid a Security Firewall block. If you know an IP address, that should be never blocked, you can add it to your personal whitelist for Security Firewall.
Please, note, that SpamFireWall and Security Firewall blacklists are being updated online, IP addresses records are being deleted when the spam activity falls down.
It would also be interesting
- SpamFireWall Feature of the CleanTalk Service — How it WorksSpamFireWall Network Blocking Anti-Flood and Anti-Crawler How To Block Bots By User-agent SpamFireWall...
- How CleanTalk Anti-Spam Works. Manuals, Questions and Answers.CleanTalk Help Manuals, Questions and Answers Anti-Spam Service Premium Notice is still shown...
- Security for Drupal 9, 10. Malware Scanner, FireWall and Brute-Force ProtectionUniForce the Security Extension for Websites on Drupal 9, 10 Here is a brief tutorial on incorporating...