Blocking IP address or Domain

Janak

Well-Known Member
Jul 18, 2009
71
1
58
I wish to block certain IP address or domain name accessing my server. I have done entry of IP address in my CSF firewall "Deny IP" option and also I have done entry in cPanel -> IP Deny Manager but still I can see that IP address accessing my server from Apache logs.

Any idea?
 

cPanelDavidG

Technical Product Specialist
Nov 29, 2006
11,216
11
313
Houston, TX
cPanel Access Level
Root Administrator
I wish to block certain IP address or domain name accessing my server. I have done entry of IP address in my CSF firewall "Deny IP" option and also I have done entry in cPanel -> IP Deny Manager but still I can see that IP address accessing my server from Apache logs.

Any idea?
cPanel -> IP Deny Manager only blocks people from visiting the websites on that specific cPanel account. You may want to use the Host Access Control feature in WHM for a broader ban on that IP.
 

david510

Well-Known Member
Aug 22, 2004
473
0
166
He has told he has blocked the IP in csf. It should be fine. Please see you have added the IP into the deny list in cf properly.
 

Spiral

BANNED
Jun 24, 2005
2,020
8
193
He has told he has blocked the IP in csf. It should be fine. Please see you have added the IP into the deny list in cf properly.
... And restarted the CSF service!

Janak said:
I wish to block certain IP address or domain name accessing my server. I have done entry of IP address in my CSF firewall "Deny IP" option and also I have done entry in cPanel -> IP Deny Manager but still I can see that IP address accessing my server from Apache logs.
If you don't restart the firewall then the changes won't take effect!

Code:
service csf restart
Or, the Restart CSF firewall" option added by CSF under WHM ...

This is assuming of course that CSF has been installed and configured
correctly and that it is properly linked to IPTABLES / IPCHAINS. Otherwise,
the firewall is pretty useless and isn't really doing anything for you at all.

Incidentally ...

To add a block by IPTABLES directly, you could also do:
Code:
iptables -A INPUT -s x.x.x.x -j DROP
(Where x.x.x.x is the IP address or CIDR range you want to block)

NOTE: Blocking an IP doesn't remove old log entries where an IP has
previously connected so the IP may still show up in your log files even
though it is now blocked and unable to connect. Be sure to check the
date stamps on any log entries to make sure that you are not looking
at old log entries from BEFORE you blocked the IP address!