The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How do I block an IP from my box?

Discussion in 'General Discussion' started by justhost, Apr 4, 2004.

  1. justhost

    justhost Well-Known Member

    Joined:
    Sep 2, 2003
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Halifax, Nova Scotia
    Hello, I have someone connected to my machine whose IP resolves to China. When I look at Apache status, the VHost is my hostname, and the Request is GET / HTTP/1.1. this concerns me and I want to kick that IP offf and block it?

    Anyone please?
     
  2. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    If you are running iptables you would simply enter:

    PHP:
    iptables -I INPUT -<IP> -j DROP
    substituting the IP you want to block for <IP>
     
  3. justhost

    justhost Well-Known Member

    Joined:
    Sep 2, 2003
    Messages:
    108
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Halifax, Nova Scotia
    Does this also kick said IP from machine if they are currently connected?

    I ask this because the following is shown when I look at Apache Status:

    41-5 - 0/0/1 . 0.00 17097 0 0.0 0.00 0.02 64.12.116.207 (unavailable) GET /images/backgroundblack.jpg HTTP/1.0
    42-5 - 0/0/2 . 0.00 17097 0 0.0 0.00 0.00 64.12.116.79 (unavailable) GET /buttons/contact2.jpg HTTP/1.1
    43-0 - 0/0/1 . 0.00 349951 0 0.0 0.00 0.00 64.12.116.82 (unavailable) GET /buttons/about1.jpg HTTP/1.0
    44-0 - 0/0/1 . 0.00 349950 0 0.0 0.00 0.00 64.12.116.78 (unavailable) GET /buttons/science2.jpg HTTP/1.0
    45-0 - 0/0/1 . 0.00 349950 0 0.0 0.00 0.00 64.12.116.20 (unavailable) GET /buttons/arts2.jpg HTTP/1.0
    46-0 - 0/0/1 . 0.01 349950 2 0.0 0.00 0.000 64.12.116.75 (unavailable) GET /buttons/sports2.jpg HTTP/1.0
    47-0 - 0/0/1 . 0.00 349950 0 0.0 0.00 0.00 64.12.116.8 (unavailable) GET /buttons/pageE2.jpg HTTP/1.0
    48-0 - 0/0/1 . 0.00 349949 0 0.0 0.00 0.00 64.12.116.147 (unavailable) GET /buttons/about2.jpg HTTP/1.0
    49-0 - 0/0/2 . 0.00 349934 130 0.0 0.00 0.03 64.12.116.14 (unavailable) GET /images/kerry.jpg HTTP/1.1
    50-0 - 0/0/1 . 0.00 349935 87 0.0 0.00 0.01 64.12.117.17 (unavailable) GET /mainpages/international.htm HTTP/1.0


    The SS (SS Seconds since beginning of most recent request ) values are huge (349935, etc). These IP's are America Online? I have no clients in these areas? Anyone with info please let me know.

    Thank you.
     
  4. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    Yes it would.

    64.12.X.X is an AOL netblock.
     
  5. whizkid

    whizkid Active Member

    Joined:
    Jun 17, 2003
    Messages:
    26
    Likes Received:
    0
    Trophy Points:
    1
    A firewall and BFD would help, and might even solve your issue. We use these all the time. Feel free to contact us if you require assistance installing these.


    Rick
    Fat Network Support
    Reseller Hosting & System Administration
    http://www.fatnetwork.net
     
Loading...

Share This Page