Security is a very heavy topic. When we are faced with reminder emails about violent password guessing that we receive every day, and when we see a bunch of shocking IPs in the background, we should not remain silent! Good VPS. As a technical novice and a super lazy person, asking me to write a rule and block IPs one by one is a very boring thing. Now, let’s take a look at the solution given to us by the official help center: Add IP locking function to DA backend!
First, let’s take a look at the IP information of some of the annoying people left behind by a DA backend I just installed.
How can we make the DA management background easy to lock these IPs? Below is a method from the official help center, suitable for people who don’t like manual tossing like a good VPS.
First, download the official iptables rules
cd /etc/init.d #Enter directory
mv iptables iptables.backup #Backup Original file
wget http://files1.directadmin.com/services/all/iptables #Download new iptables file
chmod 755 iptables #Set file permissions
Then, restart iptables
/etc/init.d/iptables restart
Next, download the IP lock script and set file permissions
cd /usr/local/directadmin/scripts/custom
wget http://files1.directadmin.com/services/all/block_ip.sh
wget http://files1.directadmin.com/services/all/ show_blocked_ips.sh
wget http://files1.directadmin.com/services/all/unblock_ip.sh
chmod 700 block_ip.sh show_blocked_ips.sh unblock_ip.sh
Finally, create a manifest text so you can see the list of locked IPs
touch /root/blocked_ips.txt
touch /root/exempt_ips.txt
Through the above operations, we enter the DA panel background, violent password guessing monitoring, click on the last IP Info of the monitored IP, and then click on isolate the IP on the next page.
If you want to automatically lock, continue.
cd /usr/local/directadmin/scripts/custom
wget http://files1.directadmin.com/services/all/brute_force_notice_ip.sh
chmod 700 brute_force_notice_ip.sh
