The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Host Access Control (block IP access)

Discussion in 'General Discussion' started by meeti, May 12, 2008.

  1. meeti

    meeti Well-Known Member

    Joined:
    Dec 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    Hi,


    i want to block all the ips of 124.115.*.*,


    in whm "Host Access Control (block IP access) ",


    how can i set it?



    and how can i make sure if what firewall is installed on the server already?



    thanks
     
  2. viraj

    viraj Well-Known Member

    Joined:
    Sep 28, 2006
    Messages:
    209
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Hi Meeti,

    Refer this link for more details on CSF [the best firewall] : http://forums.cpanel.net/showthread.php?t=53511

    CSF works like a charm on all of our VPS & Dedicated servers, you get too many configuration options for setting up the firewall properly.

    To block a particular IP/subnet use this command from the SSH console :
     
  3. meeti

    meeti Well-Known Member

    Joined:
    Dec 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    HI,

    can i ask how can i check all the bloacked ips on the server?



    thanks
     
  4. viraj

    viraj Well-Known Member

    Joined:
    Sep 28, 2006
    Messages:
    209
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    cPanel Access Level:
    DataCenter Provider
    Twitter:
    Sure, run this from SSH console to check the complete firewall list :

     
  5. meeti

    meeti Well-Known Member

    Joined:
    Dec 25, 2007
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    dear viraj,


    thanks with the help.
     
  6. apscinsspl

    apscinsspl Well-Known Member

    Joined:
    Mar 15, 2008
    Messages:
    112
    Likes Received:
    0
    Trophy Points:
    16
    Hello,

    iptables -I INPUT -s 124.115.0.0/16 -j DROP

    will block the incoming connections, to block the outgoing connections for that Ip range will be:

    /sbin/iptables -A OUTPUT -d 124.115.0.0/16 -j DROP

    I would also suggest you to run the command:

    /sbin/iptables-save

    which will save the IPtables rules in the file:

    /etc/sysconfig/iptables.save

    so that when the server gets rebooted next time, the kernel will load the saved Iptables configuration. Other wise after your next server reboot, this Iprange will be open on the server again.
     
Loading...

Share This Page