DirectAdmin background to increase the IP blacklist automatic locking method

A few days did not log in to manage the backstage, a look incredibly hundreds of information, this hateful brute force crack is really annoying. In addition, this violent guess solution has always been to guess root, admin and other users, this security issue is really not to be overlooked. So Google on the internet, according to the official method, to DirectAdmin added an IP lock function.

First, download the official Iptables rules.

CD/ETC/INIT.D #进入目录
MV Iptables Iptables.backup #备份原文件
wget http://files1.directadmin.com/services/all/iptables #下载新iptables文件
chmod 755 iptables #设置文件权限
Then restart Iptables.
/etc/init.d/iptables restart

Download the lock IP script and set file permissions.

Cd/usr/local/directadmin/scripts/custom
wget http://files1.directadmin.com/services/all/block_ip.sh
wget http://files1.directadmin.com/services/all/show_blocked_ips.sh
wget http://files1.directadmin.com/services/all/unblock_ip.sh
chmod block_ip.sh show_blocked_ips.sh unblock_ip.sh

Create a manifest text to view the locked IP column

Touch/root/blocked_ips.txt
Touch/root/exempt_ips.txt

Through the above operation, as long as into the DA panel backstage –> password Brute force guessing, click to monitor the IP last IP Info, and then according to the instructions can isolate the IP.
If you want to lock automatically, you need to enter the following code:

Cd/usr/local/directadmin/scripts/custom
wget http://files1.directadmin.com/services/all/brute_force_notice_ip.sh
chmod brute_force_notice_ip.sh

And in the DA panel background –> Administrator settings, in the security where the following.

Note:

The above method will cause your machine to be unable to ping, if you more mind this, can change the configuration in iptable, delete the following two data can resume ping pass.
$IPTABLES-A input-p icmp-j DROP
$IPTABLES-A input-p all-j DROP