Block the IP of the selected country in Firewall

Firewall should be able to block the IP of the selected country. I have a lot of traffic from the IP 5.10. *. *

713 votes

Rafal shared this idea · Oct 9, 2013 · Report… · Admin →

completed ·

AdminPlesk Staff (Community Manager, Plesk International GmbH) responded · Apr 25, 2023

This functionality was added in Plesk 18.0.52 ( https://docs.plesk.com/release-notes/obsidian/change-log/#plesk-18052 ). We suggest you to update to Plesk 18.0.52 and check it out.

The feature is based on ipsets and works out of the box.

By default, the feature uses the free version of the DB-IP geolocation database, but also supports MaxMind DB's.

Feel free to share your feedback at at http://talk.plesk.com. --AA

Show previous admin responses (2)

An error occurred while saving the comment

Anonymous commented · May 1, 2023 8:09 PM · Report

Which database is more accurate?
DB-IP or GeoLite2 Free?

Submitting...
AdminPlesk Staff (Community Manager, Plesk International GmbH) commented · May 1, 2023 7:38 PM · Report

Yes, the GeoIP database will be auto-updated biweekly for Maxmind and once per month for DB-IP.
You can change this behavior in Scheduled Tasks (cronjobs).
--AA

Submitting...
PolarFox commented · April 29, 2023 9:34 PM · Report

I switched to Maxmind GeoLite2 according to instructions and seems to be working.

Just to clarify are the database updates automated and we don't have to worry about that? I see there is a "GeoIP Update program" ?

Submitting...
GravuTrad commented · April 29, 2023 8:26 AM · Report

and set the firewall as an extension was the real good thing to do. Thanks for all.

Submitting...
GravuTrad commented · April 29, 2023 8:21 AM · Report

Simple: add new rule, name it, deny, put in "sources" (which should be more named "countries"...) all the 2 letters on the countries you want to block. (add one each time). Save all.
If not working first time (not applying), disable firewall and reenable it (by the button) and reapply.

Submitting...
GravuTrad commented · April 29, 2023 8:17 AM · Report

To know how to set country firewall rule:

https://docs.plesk.com/en-US/obsidian/administrator-guide/plesk-administration/plesk-for-linux-the-plesk-firewall.72046/

Submitting...
GravuTrad commented · April 29, 2023 8:11 AM · Report

Yes! Great news! Big thanks!
For working i had to disable firewall and reenable first. (if not applying the new country rules fails)
After this no problem at all (new, modifying etc)

Submitting...
Marc Serra commented · April 25, 2023 8:00 PM · Report

The setting is a little bit hidden. You need to a add a custom rule and add country code on sources field...

IP address (for example, 192.168.0.1 or fc00::1), network (for example, 192.168.0.0/16 or fc00::/7) or two-letter ISO 3166 country code (for example, AF or ZW)

Submitting...
AdminPlesk Staff (Community Manager, Plesk International GmbH) commented · April 25, 2023 7:46 PM · Report

Please update the Firewall extension to the latest 2.0 version in the Extension Catalog or from our website https://www.plesk.com/extensions/firewall/
It's usually done automatically within a day.
--AA

Submitting...
Marc Serra commented · April 25, 2023 7:37 PM · Report

Like @Qness we can't find the option on plesk firewall settings. Updated to 18.0.52 right now

Submitting...
Qness commented · April 25, 2023 8:31 AM · Report

Hello, I'm Looking at the firewall and I don't see any option to modify the country. Can you please direct me to link or screenshot? I do have the last version 18.0.52

Thanks!

Submitting...
Othmane commented · April 4, 2023 1:29 AM · Report

Important feature.

Submitting...
Matthew commented · April 1, 2023 5:11 AM · Report

Bruteforce attacks on mailboxes are nightmare. Please add this feature, we need to block IP's from other countries.

Submitting...
SpyderZ commented · November 4, 2022 12:14 PM · Report

• Block all traffic to the server using the firewall.
• Enable Cloudflare for your domains/server.
• Firewall Whitelist Cloudflare's IPs for only port 443

Submitting...
Larsen commented · November 4, 2022 7:30 AM · Report

nginx would only block HTTP traffic. For one we use Apache and also we want to block every connection, not only HTTP.

Submitting...
Frank Mailänder commented · November 4, 2022 4:55 AM · Report

At the moment I solved it with ipset

Submitting...
Bryan S. Katz commented · November 4, 2022 4:53 AM · Report

I can't use nginx, so I've completely disabled it. I presume that means I can't use the GeoIP module mentioned?

Submitting...
Denis Kondopoulos commented · November 4, 2022 3:34 AM · Report

This does not cater for Windows Server though.

Submitting...
Motaz Elshazly commented · October 30, 2022 11:53 AM · Report

This is an important feature.

Submitting...
Udo Waigand commented · October 25, 2022 10:13 PM · Report

I think the attacks from certain countrys is growing. This would help to make all more safty in an easier way.

Submitting...