The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Block Specific Ports with IP Deny Manager?

Discussion in 'General Discussion' started by Mabus, Jun 26, 2009.

  1. Mabus

    Mabus Registered

    Joined:
    Jun 26, 2009
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    I did a search of the forums, but did not see this addressed.

    Is it possible to deny an IP address at a specific port?

    Example:
    xx.xxx.xxx.xxx port 1500 is spamming a server with connection requests. Banning the IP address (when not root, on a shared server, but with access to cPanel) does not stop the issue.

    Can the IP address and specific port be denied?
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,447
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    No, but you can do this at the firewall. Unless port 1500 is open and accepting connections for some reason, there should be no reason to be concerned with it. A properly set firewall will take care of bad requests to closed ports. Sounds like your not the admin of the server, so this link would be no good to you but this is a very good firewall.
    ConfigServer Security & Firewall

    Banning an IP from within your cPanel will block that IP to any part of your site at yourdomain.com. That block is generated from the .htacess file in the public_html directory of your account. When you add it in cPanel it gets written to the .htaccess

    HTH
     
  3. PlatinumServerM

    PlatinumServerM Well-Known Member
    PartnerNOC

    Joined:
    Jul 10, 2005
    Messages:
    397
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    New Jersey, USA
    cPanel Access Level:
    Root Administrator
    The deny manager is only for http requests, so nonstandard ports don't really play a part in this.

    You would have to block it in a firewall, such as csf, apf, or just iptables directly.
     
  4. Mabus

    Mabus Registered

    Joined:
    Jun 26, 2009
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Thank you both for your responses.
     
  5. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    If you aren't the admin of your server, how do you even know some IP
    is hitting your server's IP address at port 1500?

    Anyway, that is an issue that would require escalation to root to address
    properly although you can do some limiting by blacklisting the IP in your
    regular web and email applications.

    For escalated access, you could block the IP at the specific port with
    most firewalls or just directly in the server with iptables:

    To entirely drop an IP address entirely from hitting your server:
    Code:
    # iptables -A INPUT -s xx.xx.xx.xx -j DROP
    To limit a specific IP from accessing port 1500 in this case:
    Code:
    # iptables -A INPUT -s xx.xx.xx.xx -p all --dport 1500 -j DROP
     
Loading...

Share This Page