Vesta Control Panel - Forum

Community Forum
https://forum.vestacp.com/

Block ip and country in vestacp firewall

https://forum.vestacp.com/viewtopic.php?f=16&t=8519

Page 1 of 1

Block ip and country in vestacp firewall

Posted: Fri Jun 05, 2015 3:40 pm
by geek
Hello.

I have a VPS server with vestacp installed (core package 0.9.8 Release:14) on centos 6.5
Other than running websites, I am also running a VNC server (ports 5500 and 5900) for providing remote support.

In my VNC log, I am constantly getting connection attempts on the VNC ports every second from Korea and China.
There are way too many ip addresses for me to add it manually using the vestacp firewall module.
But It is only from 2 countries and I also have the latest IP address list.

Problem:
Vestacp is having its own firewall module. I am concerned that if I edit iptables manually and then make change in the GUI, it will overwrite the rules that I have added in iptables.

Is there a way that I can block the two countries ip blocks without messing up vestacp configuration?

Re: Block ip and country in vestacp firewall

Posted: Sat Jan 16, 2016 11:52 pm
by BBuchanan1013
geek wrote:Hello.

I have a VPS server with vestacp installed (core package 0.9.8 Release:14) on centos 6.5
Other than running websites, I am also running a VNC server (ports 5500 and 5900) for providing remote support.

In my VNC log, I am constantly getting connection attempts on the VNC ports every second from Korea and China.
There are way too many ip addresses for me to add it manually using the vestacp firewall module.
But It is only from 2 countries and I also have the latest IP address list.

Problem:
Vestacp is having its own firewall module. I am concerned that if I edit iptables manually and then make change in the GUI, it will overwrite the rules that I have added in iptables.

Is there a way that I can block the two countries ip blocks without messing up vestacp configuration?
You can always look into changing the VNC server ports to something completely different. Otherwise, there is a chance that adding/changing something VestaCP could overwrite your manual changes.

Re: Block ip and country in vestacp firewall

Posted: Sat Jan 23, 2016 6:58 am
by BBuchanan1013
I got to thinking about this, and you don't need to use a firewall set. You can use htaccess.

http://www.ip2location.com/blockvisitorsbycountry.aspx

Re: Block ip and country in vestacp firewall

Posted: Wed Feb 13, 2019 4:45 pm
by bobmeetin
I found the ban list by visiting:

https://$ipaddress:8083/list/firewall/banlist/

It gives severall pulldown ban options - WEB for sure, but I'd rather ban it for all. How would you do that?

The spammer IP address is: 93.179.68.108. What is the syntax for banning the subnet, not just the individual IP address?
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/