• The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

access log control and ban ip

S

secretman

Guest
Hello,
when insert on plesk on the admin server a page with log including ip, cpu load and site visited on admin general?
On plesk is impossible ban ip for single domain access.
Some users spam or illegal reload sites and server go on crash. With the ban ip this problem is resolved.
 
IP Bans

On my Servers i block several IP's with IP-Tables. But you should always pay attention when doing this, because Spammers and Hackers use Dial-Up connections. So you might block "normal" Users someday. ;) I recommend blocking those IP's for shure. The Vendor Group is a community of very aggressive spammers:

# Black list of spammers/hackers
# These guys are pests! Let's stop them at the firewall
# May cause issues if these ip addresses get assign to someone
# else in the future
iptables -A INPUT -i eth0 -s 61.141.203.0/24 -j BL # bnd56.com & other chinese spammers
iptables -A INPUT -i eth0 -s 64.70.22.96/28 -j DROP # Vendare Group (Jackpot.com, jpmailer.com)
iptables -A INPUT -i eth0 -s 209.132.245.64/27 -j BL # Vendare Group (Jackpot.com, jpmailer.com)
iptables -A INPUT -i eth0 -s 216.34.211.16/28 -j BL # Vendare Group (Jackpot.com, jpmailer.com)
iptables -A INPUT -i eth0 -s 216.34.216.140/27 -j BL # Vendare Group (Jackpot.com, jpmailer.com)
iptables -A INPUT -i eth0 -s 216.52.237.0/27 -j BL # secureprivatepay*.{com,org,net}
iptables -A INPUT -i eth0 -s 216.52.244.0/27 -j BL # secureprivatepay*.{com,org,net}
iptables -A INPUT -i eth0 -s 216.52.248.32/27 -j BL # secureprivatepay*.{com,org,net}
iptables -A INPUT -i eth0 -s 216.131.94.43 -j BL # reliablehosting.com
iptables -A INPUT -i eth0 -s 81.23.243.8 -j BL # search.msn.com
iptables -A INPUT -i eth0 -s 207.115.56.39 -j BL # prodigy.net
iptables -A INPUT -i eth0 -s 221.5.2.2 -j BL # Spammer Messagecastle.com
iptables -A INPUT -i eth0 -s 217.81.60.27 -j BL

I recommend to limit access to your SSH to always one (your) IP! I did it with a dynamic host like dyndns.org, wich can be updated automatically in a cron job. You can take the preview of the Plesk-Firewall script and modify it. Then paste the whole script in a bash-file. Add your rules and let it be runned by a cron-job. If your ISP changes the IP's regularly you can fit the cron-job for it. If your IP is not actual and bans yourself , you can still switch it with your Plesk-Firewall-Module.

If you would like to see my script(s) tell me. I'll help you out ;)
 
You must log in or register to reply here.

Similar threads

X
Resolved everything stops when I use wordpress
Replies
4
Views
709
Xenesy
X
B
Issue High latency, unreliable performance & 522 errors on a Plesk server that ran fine for 6+ months
Replies
1
Views
216
Sebahat.hadzhi
Sebahat.hadzhi
E
Resolved Access to a single domain under "My Subscriptions" doesn't work
Replies
2
Views
1K
EmperorFPI
E
H
Issue Unable to Access WordPress Site After Recent Update
Replies
1
Views
1K
Peter Debik
P
L
Issue Daily Maintenance Script Spawns Off A Bunch Of PHP-FPM processes Leading To Huge Load Spike
Replies
2
Views
404
Ladylinux
L
Back
Top