The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bulk add rules to HG Firewall?

Discussion in 'Workarounds and Optimization' started by mvandemar, May 14, 2015.

  1. mvandemar

    mvandemar Member

    Joined:
    Jun 17, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    I have a client who would like to block a whole region's worth of ip blocks. The HG Firewall Administration only allows you to add or remove 1 ip at a time, and I have 9,473 to add in. Where is the ip list actually stored on the server? Is it a human readable list that I can edit manually?

    Thanks.

    -Michael
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Could you clarify if HG Firewall a third-party application? A Google search indicates this is possibly a product of HostGator. Have you contacted them for information about where that data is stored? You may want to consider using a firewall such as CSF if they are unable to provide you with that information.

    Thank you.
     
  3. mvandemar

    mvandemar Member

    Joined:
    Jun 17, 2006
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Ah, thank you, that makes sense. :) I was wondering why I had to allow apps not registered with AppConfig in order to see it, if they are setting up custom plugins for their clients they should really be registering them as well.

    It looks like it's possibly a front end to iptables, I will ask them about it.

    -Michael
     
  4. allklier

    allklier Member

    Joined:
    Jul 29, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    New York, NY
    cPanel Access Level:
    Root Administrator
    The HG firewall is a very simple block/pass firewall.

    The black list is found at /etc/firewall/GLOBAL_DROP

    Make sure to restart the service after modifying the files to take effect (service firewall restart)

    I recently added the following command to my cpHULK for major offenders

    echo %remote_ip% >> /etc/firewall/GLOBAL_DROP; service firewall restart
     
Loading...

Share This Page