Block the IP of the selected country in Firewall
Firewall should be able to block the IP of the selected country. I have a lot of traffic from the IP 5.10. *. *
Rafal
shared this idea
This functionality was added in Plesk 18.0.52 ( https://docs.plesk.com/release-notes/obsidian/change-log/#plesk-18052 ). We suggest you to update to Plesk 18.0.52 and check it out.
The feature is based on ipsets and works out of the box.
By default, the feature uses the free version of the DB-IP geolocation database, but also supports MaxMind DB's.
Feel free to share your feedback at at http://talk.plesk.com. --AA
-
Sylvio
commented
On linux just switched to Juggernaut extension and I m very happy with it !
-
KIt
commented
This feature is a necessity.
-
Markus
commented
Thanks @IgorG for the link in Plesk forum and @Rafal for the great idea.
Wow, so many supporters.
When do think it will be realized (not exactly, only in months or seasons)? -
EhudZ
commented
True, Juggernaut does so, however for a heafty $100 a yaer. This task should nit cost that.
-
Tim
commented
Juggernaut Security and Firewall extension has this feature for Linux users:
-
EhudZ
commented
Re BitNinja, please also note the heafty price it comes with... $300 a year, as a Plesk extension.
-
EhudZ
commented
Hi,
Would BitNinja remove the uage of the Plesk built-in FireWall IPTables and IPSet, as it requires their usage:
https://doc.bitninja.io/installation/ubuntu1004.htmlWhat does the non-pro version provide?
And, is the Plesk installation of the extension reversable exactly to pre-installation configuration
(for example Plesk FireWall manual rules)? -
Avinesh
commented
Use BitNinja. Works well with Plesk. We use them to block entire countries from our servers.
-
Anonymous
commented
Idea 2013 and now 2021. yet not implemented. Plesk becoming hopeless for me.
-
Júbilo Estudios commented
Block 5.10.0.0 - 5.10.255.255 = 65,536 IPs. Is not a practical solution, china for example has 356,936,737 IPs. Even just blocking the IPV4 either, many attacks we receive come from IPV6 from Dubai for example.
-
EhudZ
commented
spams comes from all over, not only from 64K IPs...
-
Anonymous
commented
Additional note:
If you block the ip*.*.*.*
Your server is protected.
(including from yourself)
-
Fadi Asbih commented
You can use the Plesk Firewall to block all traffic from this network: 5.10. *. *
1) Create a custom firewall rule and name it i.e. "Block Suspicious IPs" as described here: https://support.plesk.com/hc/en-us/articles/360000875494-How-to-block-an-IP-address-in-Plesk-Firewall
2) in the Sources add the the network in this format: 5.10.0.0/16 (s.screenshot)
3) Save and Apply the new rule
This will block all these IPs: 5.10.0.0 - 5.10.255.255, meaning it will block 65,536 IPs.
-
Anonymous
commented
+15
-
Azurel
commented
@Developer take a look in this https://www.ipdeny.com/ipblocks/
Make a List like this with a checkbox and clear list maybe daily and add selected country-ips in it. It can't be that hard and would significantly improve safety. ;)
// cn=china
firewall-cmd --permanent --ipset=blocked_country_ipv4_cn --add-entries-from-file=ipv4_cn.zone -
Azurel
commented
Is it not possible to use this?
https://docs.nginx.com/nginx/admin-guide/security-controls/controlling-access-by-geoip/I have hundreds of fail2ban banned bot ips from russian and china. I want stop any traffic from there.
-
Anonymous
commented
This feature would allow me to target my customers better, whist also making my sites more secure by blocking those countries that frequently try to hack my sites.
-
EhudZ
commented
All of these deny country tools, are REALLY EASY to build. Their code is like 200 lines, and they use free real-time updating DB of IP associated to countries.
This should be a built-in Plesk tool, and no need for a monthly payment for it. It's worth 5 USD a year, not 5 USD a month... -
wolf
commented
+1
-
Anonymous
commented
+1
