The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to block an IP to access the whole Server ?

Discussion in 'General Discussion' started by donnie, Jul 16, 2003.

  1. donnie

    donnie Active Member

    Joined:
    May 23, 2003
    Messages:
    37
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    uk
    Hi Everybody,
    I want to know that how can I block a particular IP to access the server or even that particular IP is not able to access any site on the server.

    Thanks

    Donnie

    cPanel.net Support Ticket Number:
     
  2. Website Rob

    Website Rob Well-Known Member

    Joined:
    Mar 23, 2002
    Messages:
    1,506
    Likes Received:
    0
    Trophy Points:
    36
    Location:
    Alberta, Canada
    cPanel Access Level:
    Root Administrator
    Use iptables

    /sbin/iptables -I INPUT -s xx.xx.xx.xx -j DROP

    Copy & paste to use when in 'root' shell -- where xx.xx.xx.xx is the actual IP address to drop. They won't be able to access anything on your Server.

    cPanel.net Support Ticket Number:
     
  3. Doctor

    Doctor Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    16
    If you restart the server, the IPTABLES get reset and all the IPs entered for blocking will be gone.

    Is there a permanent solution for blocking IPs for the entire server?

    cPanel.net Support Ticket Number:
     
  4. tAzMaNiAc

    tAzMaNiAc Well-Known Member

    Joined:
    Feb 16, 2003
    Messages:
    559
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Sachse, TX
    Put that drop line into /etc/rc.d/rc.local

    (at the end)

    that way when you reboot, it'll reload it again..

    Brenden

    cPanel.net Support Ticket Number:
     
  5. Doctor

    Doctor Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    16
    Everyone... is this a better drop line than the one provided by Website Rob?

    iptables -A INPUT -m tcp -p tcp --dport 80 -s IP -j DROP

    where IP is replaced by the IP address (of course!)..hehe..

    Just need to know the difference between the two.

    cPanel.net Support Ticket Number:
     
  6. DWHS.net

    DWHS.net Well-Known Member
    PartnerNOC

    Joined:
    Jul 28, 2002
    Messages:
    1,569
    Likes Received:
    6
    Trophy Points:
    38
    Location:
    LA, Costa RIca
    cPanel Access Level:
    Root Administrator
    What's wrong with the .hostdeny file used by port sentry?

    cPanel.net Support Ticket Number:
     
  7. pingo

    pingo Well-Known Member

    Joined:
    Nov 16, 2002
    Messages:
    430
    Likes Received:
    0
    Trophy Points:
    16
    SSH and write:
    /sbin/route add -host < offending IP-no here > reject

    Will kill incoming and outgoing connections from that IP but only until you reboot your server.

    If you would like it to be nullrouted permanently do as already suggested:

    pico /etc/rc.d/rc.local - add above line, and it will be re-execute each time the server is rebooted.

    John

    cPanel.net Support Ticket Number:
     
  8. Doctor

    Doctor Well-Known Member

    Joined:
    Apr 26, 2003
    Messages:
    180
    Likes Received:
    0
    Trophy Points:
    16
    By the way guys, how does one block an entire range of IP using IPTABLES?

    cPanel.net Support Ticket Number:
     
  9. oderland

    oderland Well-Known Member
    PartnerNOC

    Joined:
    Dec 30, 2002
    Messages:
    103
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Kungsbacka, Sweden
    /etc/hosts.deny

    Hi

    The simplest thing is to drop this line into your
    /etc/hosts.deny file:

    All: ip no

    cPanel.net Support Ticket Number:
     
  10. silvernetuk

    silvernetuk Well-Known Member

    Joined:
    Sep 2, 2002
    Messages:
    311
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    United Kingdom
    Re: /etc/hosts.deny

    So it would be

    All: 123.123.123.123

    Is that right or have I got it wrong ?

    Regards,
    Garry

    cPanel.net Support Ticket Number:
     
  11. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    jepp

    yes. That should do it.

    Cheers JackOderland

    cPanel.net Support Ticket Number:
     
  12. ivaserver

    ivaserver Well-Known Member

    Joined:
    Aug 9, 2002
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    So it would be

    All: 123.123.123.123


    what about an ip range or miltiple ip addresses?

    Regards
    Ivaserver

    cPanel.net Support Ticket Number:
     
  13. Jemshi

    Jemshi Well-Known Member

    Joined:
    Sep 11, 2003
    Messages:
    210
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    use iptables like this.

    iptables -A INPUT -s xxx.xxx.xxx.0/24 -j DROP

    this will block all IPs in the range

    xxx.xxx.xxx.0 - xxx.xxx.xxx.255
    /16 means the last two sections.
    /0 is full :)

    remember to save using iptables-save or

    /etc/rc.d/init.d/iptables save.

    cPanel.net Support Ticket Number:
     
  14. internetfab

    internetfab Well-Known Member
    PartnerNOC

    Joined:
    Feb 20, 2003
    Messages:
    336
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Gothenburg, Sweden
    cPanel Access Level:
    DataCenter Provider
    All: 123.123.123.123 , xxx.xxx.xxx.xxx

    do not remember how to do it for ip range

    We use to put in the /etc/hosts.allow hosts names from which users are allowed to login thru ssh

    ssh: ip, ip ,ip

    cPanel.net Support Ticket Number:
     
  15. cxteam

    cxteam Registered

    Joined:
    Oct 7, 2003
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    It would be better for you to install APF Firewall.

    cPanel.net Support Ticket Number:
     
  16. oderland

    oderland Well-Known Member
    PartnerNOC

    Joined:
    Dec 30, 2002
    Messages:
    103
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Kungsbacka, Sweden
    jepp, we use that to. but you can never be sure :)

    cPanel.net Support Ticket Number:
     
  17. ivaserver

    ivaserver Well-Known Member

    Joined:
    Aug 9, 2002
    Messages:
    111
    Likes Received:
    0
    Trophy Points:
    16
    Thanks

    can i go through what i think i should do to block ip addresses from spammers: mail.outstandingvalues.com and mail.meta-deals.com


    63.212.169.92

    63.212.169.94

    63.212.169.90

    63.212.169.91

    63.212.169.93

    63.212.169.85

    63.212.169.86

    63.212.169.89

    63.212.169.88

    63.212.169.87

    63.212.169.82

    63.212.169.81

    63.212.169.84

    63.212.169.80

    63.212.169.83

    63.212.169.68

    63.212.169.72

    63.212.169.73

    63.212.169.70

    63.212.169.71

    63.212.169.69

    63.212.169.75

    63.212.169.78

    63.212.169.79

    63.212.169.77

    63.212.169.74

    63.212.169.76

    63.212.169.110

    63.212.169.107

    63.212.169.108

    63.212.169.109

    63.212.169.106

    63.212.169.112

    63.212.169.111

    63.212.169.114

    63.212.169.115

    63.212.169.113

    63.212.169.117

    63.212.169.119

    63.212.169.120

    63.212.169.118

    63.212.169.116

    63.212.169.121

    63.212.169.122

    63.212.169.123

    63.212.169.125

    63.212.169.126

    63.212.169.124

    63.212.169.103

    63.212.169.100

    63.212.169.102

    63.212.169.105

    63.212.169.101

    63.212.169.104






    is this correct

    log in as root

    type in, iptables -A INPUT -s 63.212.169.0/24 -j DROP

    return


    then type in, 63.212.169.0 - 63.212.169.255

    return

    then type in, /etc/rc.d/init.d/iptables save.

    return


    Is this correct?

    Thanks
    Ivaserver

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page