Block certain files from ever being uploaded on the server / block IPs that attempt to?

CrazySerb

Member
Apr 1, 2015
11
3
3
Canada
cPanel Access Level
Root Administrator
Is there any sort of a cPanel plugin or existing configuration somewhere where I could specify a list of files we've run into over the last few years (known malware) that can be blacklisted from ever showing up on the server?

Even better, any IP that attempts to upload a known blacklisted file would get banned in firewall too?

Anything even remotely close to this exists for cPanel/WHM?
 

cPanelLauren

Forums Analyst II
Staff member
Nov 14, 2017
8,849
741
263
Houston
cPanel Access Level
DataCenter Provider

durangod

Well-Known Member
May 12, 2012
483
40
78
cPanel Access Level
Website Owner
Assuming that files are getting uploaded or existing by being uploaded by some script or special form, you can do this with PHP as well. You can add additional code to filter file type by header rather than by filetype field. Doing so by file header gives you a truer result of file type. Regarding the IP you can block them from accessing the website by adding a table to the database and store your blocked ip's in that table, then just refer to that table data when someone visits the site and send them packing if the ip is listed in the table data.

With regard to other types of blocking:

You can also do country blocks via htaccess, just remember that using country blocks can really slow down your website. The last time i looked the country block ip list of known spammers was huge, really huge! For your website to have to sift through that list every visit, you would need a really fast server to make it worth whille IMO.

Also understand that since spammers and those who are doing no good seem to spoof public IP's, if you block a bunch of IPs, it is possible you could also block a valid customer who just happen to have the wrong IP at the moment.

You can also block visits using paypal if you sell items, they also have a country block with regard to their gateway process which allows you to block country ips and visits using other filters and that runs on their server not yours so lag is not an issue.