Hi,
This could have been done with iptables; however, if used, this prevents Plesk Firewall from working...
You may have a look at this solution:
Block countries using iptables + ipset + ipdeny.com - mkorthof/ipset-country
github.com
And, how to add a cron:
A step by step guide for scheduling cron jobs and commands on Linux, *BSD, and Unix-like operating systems using crontab.
www.cyberciti.biz
Also, read this:
Block countries using iptables + ipset + ipdeny.com -> moved to https://github.com/mkorthof/ipset-country - ipset-country.md
gist.github.com
************************************************************************************
I chose not to use it, as I needed the Plesk Firewall in place. My documentation includes the following:
Download script
Edited file to place countries according to their codes
Also changed FIREWALLD=0 (16-07-2020) # Use firewalld instead [0/1]
This may allow Fail2Ban or firewall control
Edited country list according to codes on:
Uploaded file via Plesk
Renamed to remove the *.txt extension suffix
Moved the file to the daily cron directory.
mv /var/www/vhosts/currenge.com/httpdocs/wp-content/uploads/whitelists_upload/ipset-country /etc/cron.daily/ipset-country
Had to save the cron job in a special manner, so it became activated:
cron job activated with saving command:
chmod +x /etc/cron.daily/ipset-country
PROBLEM
Testing for blocked countries shows access. Test via site:
Geo Browse | Free Country Screenshot Tool
Geo Browse is a simple tool that will show you how your website looks from 80+ countries. Check your website from various locations for free!
geotargetly.com
ls -la /etc/cron.daily
cp /etc/cron.daily/ipset-country /etc/cron.hourly/ipset-country
chmod +x /etc/cron.daily/ipset-country
chmod +x /etc/cron.hourly/ipset-country
ls -la /etc/cron.daily
/etc/cron.hourly/ipset-country
ipset-country: done
Going to use iptables and not only rely on ufw (Ubuntu firewall), which may not be activated once Plesk FW is in place.
/etc/cron.hourly/ipset-country:
UFW is not supported, disable it first (or set UFW=1)
run-parts: /etc/cron.hourly/ipset-country exited with return code 1
**********************************************************************************************
Alternative to block only one country, let's say Iran
Create a list of CIDR IP of that country, from:
For Iran it is:
We're the trusted source for IP address information, handling 50 billion IP geolocation API requests per month for over 1,000 businesses and 100,000+ developers
ipinfo.io
List of all major IP address blocks allocated for Iran
www.nirsoft.net
I attached the lists I created at the time, for that country in a PDF file
Those rules are run as CLI on server SSH
Opening TWO SSH ports at the same time
After adding the rules on one port
you run activation on that port
and within 60 seconds run confirm on the second port
those commands are at the bottom of the PDF file.
**********************************************************************************************
I also recommend:
Use two fixed IPs (mobile+PC), so that only they are allowed access to the login page and some ports such as SSH 22 and Plesk 8443/7
Moving all traffic that reaches the host by IP (and not by host name) to the main example.com LOG on Plesk, so you can monitor it
And activate lots of .htaccess rules which protect the host server
Lots of rules are on:
In-depth focus on WordPress, web development, security, and more.
perishablepress.com
Remember to whitelist your fixed IP, server IP and Plesk IPs in the rules
For example:
RewriteCond %{REMOTE_ADDR} !^555\.555\.555\.555$
Allow from 555.555.555.555
**********************************************************************************************
And NinjaFirewall is a great tool too. You should whitelist your fixed IP according to guidance
A true Web Application Firewall to protect and secure WordPress.
wordpress.org
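Added example, not part of the original post and not code from ipset-country: one way to turn a per-country CIDR list, as in the single-country alternative above, into an `ipset restore` script that validates every entry and swaps the new set in atomically. The set name `geoblock`, the function names and the sample ranges (RFC 5737 documentation networks) are assumptions.

```shell
#!/bin/sh
# Added example; set name and sample ranges (RFC 5737) are assumptions.

# valid_cidr4 A.B.C.D/N: succeed only for a well-formed IPv4 network.
valid_cidr4() {
    case $1 in */*) ;; *) return 1 ;; esac
    addr=${1%/*}; bits=${1#*/}
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    [ "${#bits}" -le 2 ] && [ "$bits" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs   # split into octets
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    return 0
}

# build_restore SET < cidr-list: print an `ipset restore` script.
# Entries go into SET-new, which is swapped in at the end, so the live set
# is replaced in one step and never sits half-loaded.
build_restore() {
    set_name=$1; tmp="$1-new"
    echo "create $set_name -exist hash:net family inet"
    echo "create $tmp -exist hash:net family inet"
    echo "flush $tmp"
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')  # drop comments, blanks
        [ -n "$line" ] || continue
        if valid_cidr4 "$line"; then
            echo "add $tmp $line"
        else
            echo "skipped invalid entry: $line" >&2
        fi
    done
    echo "swap $tmp $set_name"
    echo "destroy $tmp"
}

# Constructed sample list: two valid networks, three entries that must be skipped.
SAMPLE_LIST='# one CIDR per line
192.0.2.0/24
198.51.100.0/25   # trailing comment
203.0.113.300/24
198.51.100.128/33
not-a-network'
# Print the restore script for review. Loading it needs root:
#   build_restore geoblock < list.txt | ipset restore
printf '%s\n' "$SAMPLE_LIST" | build_restore geoblock
```

The set is then matched from a single rule such as `iptables -I INPUT -m set --match-set geoblock src -j DROP`, so refreshing the list never touches the rule itself.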