• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

How can I ban IP-adresses in PLESK 7.5.2?

E

editor

Guest
cPanel and vDeck allow the admin to post some special
ip-numbers, which should be banned. This feature is sometimes
very helpful to lock some unwanted visitors.

vDeck says here:
"Ban access to your website from particular IP addresses.
Either enter a full address, or part of an address to ban a range.
This can be useful when specific users or robots are abusive
towards your web site.
Enter an IP address/range: [___].[___].[___].[___] [bann ths IP/range]"

In Plesk 7.5.2, I was not able to find this cool feature. Does this
feature not exist or did I oversee it anywhere in my Plesk-Admin?
How can I realize this for the complete Plesk-Server for all
domainnames onto it?

Thank you.
 
Hello,
I think you can acheive this here:

Plesk CP.... go to server --> down at the bottom left "administrator info" click "access"

Now on next page add a new network and allow or deny CP access using IP or Subnet.

Hope this helps, i didn't test it out....

-poke
 
Originally posted by poke
Hello,
I think you can acheive this here:

Plesk CP.... go to server --> down at the bottom left "administrator info" click "access"

Now on next page add a new network and allow or deny CP access using IP or Subnet.

Hope this helps, i didn't test it out....

-poke

Thank you for your idea. This chapter speaks only about the
access to the control panel itself (Port 8443), here

https://www.rootdomainname.tld:8443

But what I want is to ban IP-numbers to surf to all domainnames
on port 80, f.e.

http://www.mydomainname.tld
http://www.anotherdomain.tld
http://subdomain.hmm.tld

See, there are some spiders running in Korea and China.
Pure machines which are only online to **** email-adresses
and then to get them in a spamer-database. I know the
IP-numbers of their IP-network and C-Class. I want to lock
them, which means to ban their IP-numbers.

Another example are some special hackers who always try
to use some special IP-numbers for hacking into the Plesk-
System. They also have nothing to surf anywhere on my
Plesk-Server.

And I know also another example. Some spiders of some
special search-machines and linkcheckers try to rush so wild
and crazy over all the domainnames, that they produce big
traffic. They are only here for just wasting traffic which I must
pay. So, also such "machines" have to be locked and are not
allowed to surf on all domainnames.

Alike you see, there are many reason and I want to ban some
IP-numbers for HTTP-surfing on all domainnames which are
run here at the Plesk-System. I could not find this feature on
Plesk 7.5.2.... or do I stand on the cable?
 
Interesting....

Sorry I didn't get to the root of the problem. I guess psa doesn't have this feature.


regards,
poke
 
No, Plesk does not have this built-in to the standard control panel.

I have not paid or tried the Plesk Firewall feature, so I don't know if they may have it in that module or not.

You would have to manually make entries to the IPTABLES file and then restart your IPTABLES firewall module.

It's not that difficult, but can be time consuming if you are going to continually add to the banned IP ranges.

There are many googled results for IPTABLES examples, but if you've never dealt with firewall configuration, be careful not to accidentally leave your box unprotected....

If you look at your /etc/sysconfig/iptables file, you can add a line somewhere after the line '*filter'.

To 'ban' an IP would be as simple as adding something like:

-A INPUT -s xx.yy.zz.ww/ss -i eth+ -j DROP

where xx.yy.zz.ww/ss would be the IP or CIDR range such as 213.22.0.0/16 for one of the AsiaPacific IP blocks.

I have had to block many many many ranges of APNIC and RIPE ranges due to spammers.

Luckily none of my clients needs to communicate to China, Japan, large parts of Europe, Israel, Iran, Spain, etc.

Spain, France, China, are really big spam areas. Italy, Poland, Portugal, Latvia are the next big ones which I have seen. There are many US based IP blocks which I have blocked as well. Mainly the ones which specialize in sales & marketing...

If you want to block browsing on a 'per domain' basis, there is a way to do it in the .htaccess file.
 
Originally posted by jamesyeeoc
No, Plesk does not have this built-in to the standard control panel.

Cite:

"...The most comprehensive set of features that hosting
providers can find on the market today...."
cp. http://www.sw-soft.com/en/products/plesk/

I think, I know why Plesk do not want to support banning
IP-Adresses because of the spammers. It seems so, that
they want to make money with their "SpamAssassin Anti-SPAM
Support Interface", costs $49.00.
cp. http://www.sw-soft.com/en/buyonline/plesk75reloaded/
 
The firewall module for Plesk is free. Try it, I use it to ban unwanted visitors.
 
I stand corrected. I didn't see it listed under Server, Service Management, so I figured it was not included in the 'base' Plesk. I did find it under Modules....

Now I just have to test to see that it does not overwrite my own custom IPTABLES settings....

Thanks Jamai !
 
No problem. I haven't really tested the firewall module, to see what it does and what not, but I have no doubt it works well.
 
It won't work well for me though, I just received reply from SWSoft, their scripts controlling IPTABLES will totally over-ride anything already existing in the /etc/sysconfig/iptables file. I have spent way too much time customizing my firewall, so I'll be uninstalling their module right away.

It appears that they store whatever settings you enter into a database as blobs, so it's not human readable. Then they have a couple of short scripts which control the calling of iptables. I'd rather have my own human readable config file, easier to backup/modify/etc.
 
btw: is this normal, that I cannot post here a screenshoot (.jpg, 70kBytes)
by "attach file"?
 
Back
Top