Thanks
@Ehud that's exactly what I was hoping for.
Is there a limit to the number of IPs you can add in one go with the comma separators? And what do those initial LIST lines do?
No limit, however you should use a strong server.
Each rule should have up to about 200 records, which may themselves be CIDR ranges.
Try not to place more than a few x.x.x.x/16 ranges on each rule.
In total I have about 8-10 million IPs blocked.
I block all CIDR ranges for ISP of VPS used by hackers to attack our instance as seen in log files, and where legitimate use does not come from.
This can be found by IP check as on:
Full IP address details for 213.190.6.75 (AS47583 Hostinger International Limited) including geolocation and map, hostname, and API details.
ipinfo.io
Which shows the ASN, to be placed into:
And then copy to Excel, and create a comma-separated CIDR IP list. I split long lists and remove duplications (search for the x.x.x.x/16 and see no duplications follow).
Excel structure:
First line:
First column is IPs
Second is ,
Third is =CONCATENATE(A1,B1)
Second line:
First column is IPs
Second is ,
Third is =CONCATENATE(A2,B2)
Fourth is =CONCATENATE(C1,C2) <-- this combines the new data with the list of data from previous lines
Drag the code downwards
Once you have pasted a list and cleaned it of duplications:
Copy special as values in Excel, and then into the *.txt files of the rules to be pasted into the SSH CLI
Paste about 2-3 rules each time.
Then activate on that first SSH console
Confirm on the second SSH console within 60 seconds
The update of the firewall can take 90-120 minutes, with some downtime. It comes back on its own.
On Plesk there is some graceful configuration which allows Plesk to be available almost all of the time.
Open the SSH panels before you start. Track the CLI below to see if the process completed:
# ps aux | grep [f]irewall-new.sh
Be careful first to white list (mostly) AWS IPs used by API of your services, and to make sure you don't block those IPs!
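The list preparation described in the post above (deduplicate, keep allowlisted addresses out, split into rules of about 200 records, join with commas) can also be scripted instead of done in Excel. This is an added example, not part of the original post and not Plesk's own tooling; the function names and the sample data are assumptions made for illustration.

```python
import ipaddress

MAX_RECORDS_PER_RULE = 200  # per-rule size suggested in the post above

# Constructed sample input (documentation ranges), not data from the post.
SAMPLE = ["198.51.100.0/24", "198.51.100.0/25", "198.51.100.128/25",
          "203.0.113.7", "203.0.113.7/32", "192.0.2.0/24"]
SAMPLE_ALLOWLIST = ["192.0.2.10"]  # e.g. an API endpoint that must stay reachable


def carve_out(net, allowed):
    """Return the parts of `net` that do not overlap any allowlisted network."""
    pieces = [net]
    for allow in allowed:
        remaining = []
        for piece in pieces:
            if not piece.overlaps(allow):
                remaining.append(piece)
            elif allow != piece and allow.subnet_of(piece):
                remaining.extend(piece.address_exclude(allow))
            # otherwise `piece` lies entirely inside the allowlisted range: drop it
        pieces = remaining
    return pieces


def build_rule_lists(raw_entries, allowlist=(), max_records=MAX_RECORDS_PER_RULE):
    """Return one comma-separated CIDR string per firewall rule."""
    allowed = [ipaddress.ip_network(a.strip(), strict=False) for a in allowlist]
    by_version = {4: [], 6: []}
    for entry in raw_entries:
        entry = entry.strip()
        if not entry:
            continue
        # strict=False normalises entries with host bits set (203.0.113.7/24)
        net = ipaddress.ip_network(entry, strict=False)
        by_version[net.version].extend(carve_out(net, allowed))
    merged = []
    for nets in by_version.values():
        # collapse_addresses removes duplicates and ranges covered by a wider one
        merged.extend(ipaddress.collapse_addresses(nets))
    return [",".join(str(n) for n in merged[i:i + max_records])
            for i in range(0, len(merged), max_records)]


if __name__ == "__main__":
    for rule in build_rule_lists(SAMPLE, SAMPLE_ALLOWLIST, max_records=4):
        print(rule)
```

Each returned string is the source list for one rule; an invalid entry raises ValueError instead of being written into a rule file.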