This is an old revision of the document!

Manually Add and Remove IP Addresses to a Mikrotik Blacklist

This assumes you have a address list named blacklist that is being blocked.

/ip firewall address-list add comment="Manual Addition" list=blacklist address=xxx.xxx.xxx.xxx

/ip firewall address-list remove [/ip firewall address-list find address=xxx.xxx.xxx.xxx]

Create Blacklist from Apache Logs

Example from a recent Joomla experience where an attacking botnet utilized a vulnerable 'contacts' page:

grep contact-me /var/log/virtualmin/exmple.com_error_log >> example.txt