Paste a single blocklist URL into your firewall's External Dynamic List. 2M+ malicious IPs blocked automatically with weekly updates. Works with Palo Alto, FortiGate, pfSense, OPNsense, SonicWall, Cisco, Sophos, UniFi, and more.
Start 30-Day Free Trial See Supported FirewallsBlocklist sourced from IPsum threat intelligence · Updated weekly · Last verified: February 28, 2026
ThreatListPro is an IP blocklist service that automatically blocks VPN brute force attackers across 15+ firewall platforms. Instead of manually identifying and blocking malicious IPs, network administrators paste a single URL into their firewall's External Dynamic List (EDL) configuration. The blocklist contains over 2 million IPs sourced from real VPN attack data and is updated weekly. ThreatListPro works with Palo Alto GlobalProtect, FortiGate, pfSense, OPNsense, SonicWall, Cisco AnyConnect, Sophos XG, and UniFi. Plans start at $9.99/month with a 30-day free trial.
Published by ThreatListPro Security Team at CalMax Systems · Last updated: February 28, 2026
Works with any firewall that supports external blocklists
+ any firewall with External Dynamic List (EDL) support
VPN brute force attacks cause real damage to IT teams and organizations every day.
Users locked out 50+ per day when bots target your VPN portal. Account lockout policies cannot distinguish attackers from legitimate users, flooding the helpdesk with tickets.
Hours spent manually blocking IPs, only to see attacks from new addresses the next day. It is an endless, unwinnable cycle that drains your team.
Enterprise threat intelligence feeds cost $500+/month and include millions of irrelevant IPs. You need VPN attackers blocked, not a firehose of unrelated data.
Purpose-built IP blocklist focused exclusively on VPN brute force attacks.
Curated specifically for VPN brute force attacks. Not generic threat intelligence -- targeted protection for your portal.
Copy your unique URL. Paste into your firewall's EDL or external blocklist config. Done. Start blocking attacks immediately.
Each customer receives a unique, secure API key. Cancel anytime and access revokes immediately. No shared lists.
Curated from live attacks on GlobalProtect, SSL-VPN, and firewall portals. Every IP on the list was caught in the act.
Email support from network security professionals who understand your firewall. 24-hour response time.
Get protected in under 5 minutes. No agents, no software, no complexity.
Choose your plan and subscribe. Instantly receive your unique API key and blocklist URL via email.
Follow our step-by-step guide. Paste your unique URL into your firewall's external blocklist or EDL configuration.
Your firewall pulls fresh threat data weekly. No maintenance required. Set it and forget it.
Simple, transparent pricing. Start protecting your network today.
Try ThreatListPro risk-free. Not satisfied within 14 days? Email [email protected] for a full refund. No questions asked.
We went from 50+ locked accounts per day to zero. Setup took 10 minutes on our Palo Alto firewall. The helpdesk tickets disappeared overnight. Best $9.99 we've spent all year.
An IP blocklist for VPN protection is a curated list of IP addresses known to launch brute force, credential stuffing, and password spraying attacks against VPN portals. ThreatListPro maintains a blocklist of over 2,000,000 malicious IPs specifically targeting VPN login pages such as GlobalProtect, FortiGate SSL-VPN, and pfSense. Your firewall imports this list and blocks these IPs before they can attempt any login attacks.
After subscribing, you receive a unique API URL that serves as an External Dynamic List (EDL). You paste this URL into your firewall's external blocklist configuration. Your firewall periodically fetches the latest list of malicious IPs from this URL and automatically blocks them. The list is updated weekly with fresh threat intelligence from real VPN attack data.
ThreatListPro works with 15+ firewalls including Palo Alto GlobalProtect (EDL), FortiGate SSL-VPN (External Threat Feed), pfSense with pfBlockerNG, OPNsense, SonicWall, Cisco ASA/AnyConnect, Sophos XG/XGS, and UniFi Gateway. Any firewall that supports importing external IP blocklists or dynamic address lists is compatible.
Most customers complete setup in under 5 minutes and see immediate results. Subscribe, copy your unique blocklist URL, paste it into your firewall's external blocklist configuration, and attacks are blocked right away. We provide step-by-step guides for every supported firewall platform.
Yes. The Monthly plan includes a 30-day free trial. You can test ThreatListPro with your firewall completely risk-free. Cancel anytime during the trial and you will not be charged. We also offer a 14-day money-back guarantee on all paid plans.
The ThreatListPro blocklist is updated weekly with fresh data from real VPN brute force attacks. Your firewall automatically pulls the latest version on its configured schedule, so you always have up-to-date protection without any manual intervention.
Enterprise threat feeds cost $500+/month and contain millions of IPs across all threat categories, most of which are irrelevant to VPN protection. ThreatListPro is a focused IP blocklist curated specifically for VPN brute force attacks. It contains only IPs that actively target VPN portals, making it more effective and far more affordable for this specific use case.