Server: Auto-load public IP blocklists

- Load known bad IPs from FireHOL blocklists on startup
- ~4400 IPs blocked by default
- Set PUBLIC_BLOCKLIST=false to disable
- Combined with manual BLOCKED_IPS env var

server/main.py

@@ -33,11 +33,18 @@ BUILDS_DIR = Path("builds")
 import os
 import middleware as mw
 
-# Configure blocked IPs only
+# Manually blocked IPs
 BLOCKED_IPS = set(os.environ.get("BLOCKED_IPS", "").split(",")) - {""}
 
+# Load public blocklists (set to "false" to disable)
+USE_PUBLIC_BLOCKLIST = os.environ.get("PUBLIC_BLOCKLIST", "true").lower() == "true"
+
+if USE_PUBLIC_BLOCKLIST:
+    public_ips = mw.load_public_blocklists()
+    BLOCKED_IPS.update(public_ips)
+
 if BLOCKED_IPS:
-    logger.info(f"IP blacklist enabled: {len(BLOCKED_IPS)} IPs blocked")
+    logger.info(f"Total blocked IPs: {len(BLOCKED_IPS)}")
 
 mw.set_ip_config(blocked=BLOCKED_IPS)