Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How to block several thousands of IP ranges?

Discussion in 'Security' started by bcadej, Aug 20, 2015.

  1. bcadej

    bcadej Member

    Joined:
    Aug 20, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Slovenija
    cPanel Access Level:
    Root Administrator
    I would like to block ranges of IP addresses access to my site using IP Address Deny Manager in cPanel. I have several thousands of IP ranges such as 41.78.84.0/22 arranged in .zone files. Is there an easy way to copy these several thousands of IP ranges to my sever to block IPs? I also have full access to server, so is there another way to copy these IPs to server?


    Thanks for help.


    Bostjan
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    38,179
    Likes Received:
    1,374
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello :)

    I suggest blocking the IP addresses in your firewall using a firewall management utility such as CSF:

    http://configserver.com

    Thank you.
     
  3. bcadej

    bcadej Member

    Joined:
    Aug 20, 2015
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Slovenija
    cPanel Access Level:
    Root Administrator
    I have CSF. To where do I copy these files in CSF setup?

    But will this setup in CSF block access to the whole server (and all services, SHH, email, FTP, web, ...) or just one site?
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    15,681
    Likes Received:
    299
    Trophy Points:
    433
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might want to be careful here as blocking thousands of IPs without knowing much about what you're doing can be problematic.
    The ConfigServer Firewall settings page has lots of great tools and options, you should spend some time going over them and reading the explanations and warnings.

    See attachment:

    dny_IP_lmts.png
     
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    875
    Likes Received:
    25
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    CSF will block access to the whole server,.
    You can add IP's to CSF via the "Firewall Deny IP's" button.

    However if you have thousands of IP's, then i think you have to do this via a hotlist of some sort, as adding them to the Firewall deny List, could cause problems.

    I guess if you're adding class C's, then this list could be compacted down to a handfull, in which case, this would work.

    How many people should have access to ftp, ssh, cpanel etc, as you could block everyone in the whole universe except a small handfull, in WHM >> HOST ACCESS CONTROL.
     
Loading...

Share This Page