Block the IP of the selected country in Firewall
Firewall should be able to block the IP of the selected country. I have a lot of traffic from the IP 5.10. *. *
Rafal
shared this idea
60 comments
-
PB
commented
+1
-
Anonymous
commented
who the f... whats china on servers? 99% of queries from this country trigle security apps. country block dont need to be 100% effective but is effencial to keep possibility of locking none-targeted users by default. MAKE THIS FEATURE AVALIBLE FOR PLESK! so we dont have to share our analytics with cloudflare-like companies!
-
Anonymous
commented
Firewall should be able to block the IP of the selected country, i have the same traffic problem like others. Thanks in advance!
-
Anonymous
commented
Firewall should be able to block the IP of the selected country. I have a lot of traffic from the IP 5.10. *. *
-
Tarik
commented
Thanks @Mikhail Krivoshein it might be a solution! i will gie it a try. I find this article on a plesk forum: https://talk.plesk.com/threads/how-do-i-install-the-geoip.337520/
-
Mikhail Krivoshein
commented
IP has no country by design. Takes some effort to maintain a GeoIP database and even so it probably won't be precise.
-
Tarik
commented
Firewall should be able to block the IP of the selected country
-
mydragz
commented
Plesk must have this option if you want the most secured system
-
Anonymous
commented
fk china..
-
Pete
commented
+1 to this. The more security, the better.
-
Anonymous
commented
it's really necessary, because the half of ucraine likes to attack my Server
-
SGI
commented
Me too. Countries like China, Russia, etc. attack my servers constantly.
-
Anonymous
commented
well it should be possible to block certain countries from accessing certain ports - for example mail ports ... to prevent password cracking attempts.
-
eightynn
commented
this feature is more important today than ever. i don't really understand why so few votes were made for it. :(
-
pguy
commented
plesk is one of the best applications i used in my live. so you have to go forward.
-
Anonymous
commented
This is a very important feature as people try and ***** SMTP passwords and even if paying for Imunify360 that doesnt help because each attempt comes from a new password. If you know which geographical location most of your users are from then we should be able to block IMAP/SMTP access from all countries and only allow certain countries. This works well in Juggernaut but seeing that I pay so much more from Imunify360 I would expect this to be standard in Imunify360
-
stalkerdab
commented
Have the same problem
-
Dimitris
commented
Maintaining lists of IPs or even subnets by hand on multiple servers is neither practical nor secure enough. There are already projects that maintain such lists (honeypot, ip2location etc).
-
Anonymous
commented
I have enabled fail2ban and greylisting but I still frequently see servers in the mail.log which try to login with dictionary passwords.
The only way I know to get rid of those is to deny them completely.
It is a pain to do this from the GUI and there should be a CLI for this. -
Anonymous
commented
The Plesk firewall already can blocks of networks, by adding a CDIR netmask.
In your example, use 5.10.0.0/16 to block all traffic from the 2.10 network.
However, this does not block data from a specific country, but from a specific (group of) network(s). Keep in mind that countries may have a lot of A/B/C type of networks that are not consecutively ordered.I don't know any complete list of networks used in a specific country, but you can do a search at organisations like ripe.net, apnic.net, afriinc.net and arin.net to do research for networks.