Block Specific Ports with IP Deny Manager?
I did a search of the forums, but did not see this addressed.
Is it possible to deny an IP address at a specific port?
Example:
xx.xxx.xxx.xxx port 1500 is spamming a server with connection requests. Banning the IP address (when not root, on a shared server, but with access to cPanel) does not stop the issue.
Can the IP address and specific port be denied?
No, but you can do this at the firewall. Unless port 1500 is open and accepting connections for some reason, there should be no reason to be concerned with it. A properly set firewall will take care of bad requests to closed ports. Sounds like your not the admin of the server, so this link would be no good to you but this is a very good firewall.
ConfigServer Security & Firewall
Banning an IP from within your cPanel will block that IP to any part of your site at yourdomain.com. That block is generated from the .htacess file in the public_html directory of your account. When you add it in cPanel it gets written to the .htaccess
HTH
The deny manager is only for http requests, so nonstandard ports don't really play a part in this.
You would have to block it in a firewall, such as csf, apf, or just iptables directly.
Thank you both for your responses.
If you aren't the admin of your server, how do you even know some IP
is hitting your server's IP address at port 1500?
Anyway, that is an issue that would require escalation to root to address
properly although you can do some limiting by blacklisting the IP in your
regular web and email applications.
For escalated access, you could block the IP at the specific port with
most firewalls or just directly in the server with iptables:
To entirely drop an IP address entirely from hitting your server:
To limit a specific IP from accessing port 1500 in this case:Code:# iptables -A INPUT -s xx.xx.xx.xx -j DROP
Code:# iptables -A INPUT -s xx.xx.xx.xx -p all --dport 1500 -j DROP
LinkBack URL
About LinkBacks
Reply With Quote