Here we will increase the IP ban on the directadmin panel, so that in the DirectAdmin super monitoring can be the IP address directly blacklisted, prohibit this IP access to the site and the background, but also increased the detection log file function, The discovery of suspicious information will also be blacklisted.
The first part we set up the firewall, the operation is suitable for the Centos/fedora type system, has not been tested on the Debian and the FreeBSD system, whether usable is not clear.
The code is as follows |
Copy Code |
Cd/etc/init.d MV Iptables Iptables.backup wget http://files.directadmin.com/services/all/iptables chmod 755 iptables |
Here we first renamed the original Iptables, so as to minimize the firewall configuration error, there will be error reduction, otherwise there may be some unexpected situation.
Note: This firewall configures the default SSH port 22, so either manually modify the login port or manually modify the firewall configuration.
Below we will reboot the iptables to make the firewall just configured to take effect.
The code is as follows |
Copy Code |
/etc/init.d/iptables restart
|
At this point we confirm all the ports and links are normal, including the normal background link can be opened, otherwise please turn off this firewall configuration, to restore. Because the last time we modified the directadmin default login port of 12345, where the station test, this firewall rules sealed off this port, so we reset the port to 2222, will not modify the friend please see "DirectAdmin and Port modification", After the modification we normally open the landing panel of the directadmin.
The second part is to install the DirectAdmin block_ip.sh module used to create a file to list the banned IP, the following specific commands:
The code is as follows |
Copy Code |
Cd/usr/local/directadmin/scripts/custom wget http://files.directadmin.com/services/all/block_ip.sh wget http://files.directadmin.com/services/all/show_blocked_ips.sh wget http://files.directadmin.com/services/all/unblock_ip.sh chmod block_ip.sh show_blocked_ips.sh unblock_ip.sh |
This time the landing directadmin can be banned IP address.
Administrator--> Strong monitoring-->block IPs
Before this we want to create two files, one is the IP blacklist, one is the IP white list, the specific role everyone knows, the order is as follows:
The code is as follows |
Copy Code |
Touch/root/blocked_ips.txt Touch/root/exempt_ips.txt
|
After that, you can directly block IP.
From the picture above you can see that there are always some boring people like crazy landing directadmin backstage. So we add one by one to the blacklist.
The last part is optional, all of the above operations are by the administrator of their own manual to seal the IP, to achieve automatic blocking IP, you need this part of the operation, this part is to let directadmin automatic detection of log and other related files, used to achieve suspicious IP automatically fill in the Blacklist, Before you do this, you need to test and operate smoothly before you perform this operation to avoid directadmin your own IP to the blacklist.
The code is as follows |
Copy Code |
Cd/usr/local/directadmin/scripts/custom wget http://files.directadmin.com/services/all/brute_force_notice_ip.sh chmod brute_force_notice_ip.sh
|
After the execution of the above command, DirectAdmin will be able to detect their own IP, this function by the station test, the function is good, the station's IP blacklist has been increasing, is indeed a very practical function.
Original from: Www.defel.net