Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How to block several thousands of IP ranges?

Discussion in 'Security' started by bcadej, Aug 20, 2015.

  1. bcadej

    bcadej Member

    Joined:
    Aug 20, 2015
    Messages:
    16
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Slovenija
    cPanel Access Level:
    Root Administrator
    I would like to block ranges of IP addresses access to my site using IP Address Deny Manager in cPanel. I have several thousands of IP ranges such as 41.78.84.0/22 arranged in .zone files. Is there an easy way to copy these several thousands of IP ranges to my sever to block IPs? I also have full access to server, so is there another way to copy these IPs to server?


    Thanks for help.


    Bostjan
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,803
    Likes Received:
    1,898
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello :)

    I suggest blocking the IP addresses in your firewall using a firewall management utility such as CSF:

    http://configserver.com

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. bcadej

    bcadej Member

    Joined:
    Aug 20, 2015
    Messages:
    16
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Slovenija
    cPanel Access Level:
    Root Administrator
    I have CSF. To where do I copy these files in CSF setup?

    But will this setup in CSF block access to the whole server (and all services, SHH, email, FTP, web, ...) or just one site?
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    16,478
    Likes Received:
    421
    Trophy Points:
    583
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might want to be careful here as blocking thousands of IPs without knowing much about what you're doing can be problematic.
    The ConfigServer Firewall settings page has lots of great tools and options, you should spend some time going over them and reading the explanations and warnings.

    See attachment:

    dny_IP_lmts.png
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. keat63

    keat63 Well-Known Member

    Joined:
    Nov 20, 2014
    Messages:
    1,017
    Likes Received:
    45
    Trophy Points:
    28
    cPanel Access Level:
    Root Administrator
    CSF will block access to the whole server,.
    You can add IP's to CSF via the "Firewall Deny IP's" button.

    However if you have thousands of IP's, then i think you have to do this via a hotlist of some sort, as adding them to the Firewall deny List, could cause problems.

    I guess if you're adding class C's, then this list could be compacted down to a handfull, in which case, this would work.

    How many people should have access to ftp, ssh, cpanel etc, as you could block everyone in the whole universe except a small handfull, in WHM >> HOST ACCESS CONTROL.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice