Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How Do I Block Range of IPs?

Discussion in 'General Discussion' started by bmcpanel, Feb 27, 2007.

  1. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    316
    Hi. I want to block a range of IPs. Currently, I use the following command as an effective weapon against the IPs of people I find in the log trying to do bad things.

    /sbin/route add -host x.x.x.x reject

    Works like a charm. I then put the offending IP in the file /etc/rc.d/rc.local so that it will reload the bad ips when the server reboots next.

    I also use Chirpy's CSF/LFD firewall, and it succesfully blocks offensive IPs also.

    What I need, though, is the ability to block an entire range of IPs. For example, i have a very persistant hacker trying to access from the range 205.196.x.x. The last two numbers are always changing but the first two remain the same.

    How do I block this "range" of IPs from accessing my server.

    Note, I know how to add a range of IPs in a .htaccess file for a certain account, I put this in...

    deny from 205.196.

    But when I try this with /sbin/route, it will not accept the ip.

    Thanks.
     
  2. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    782
    Likes Received:
    5
    Trophy Points:
    318
    Location:
    N.W. Iowa
    Check out DNSstuff tools at http://www.dnsstuff.com/ they offer CIDR/Netmask which will assist in getting the IP ranges.

    Mickalo
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. gorilla

    gorilla Well-Known Member

    Joined:
    Feb 3, 2004
    Messages:
    695
    Likes Received:
    1
    Trophy Points:
    168
    Location:
    Sydney / Australia
    just block the range like this in your firewall

    205.196.0.0/16

    and if you dont want to be that aggressive

    205.196.111.0/24
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. bmcpanel

    bmcpanel Well-Known Member

    Joined:
    Jun 1, 2002
    Messages:
    546
    Likes Received:
    0
    Trophy Points:
    316
    Cool. That's just what I was looking for. Thanks.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice