New to Interworx and just deployed our first server with it.
I want to be able to apply the following script (or something very close to it) to block unwanted countries from spamming/hacking etc.
ipset -N geoblock nethash
for IP in $(wget -O ? http://www.ipdeny.com/ipblocks/data/countries/{cn,kr,pk,tw,sg,hk,pe}.zone)
do
ipset -A geoblock $IP
done
Matching against the IPSet in IPTables:
iptables -A INPUT -m set ?set geoblock src -j DROP
What file would I apply this to? I am not sure what firewall config files Interworx is using so I want to make sure I am applying this to the correct file.
…I am not sure what firewall config files Interworx is using so I want to make sure I am applying this to the correct file.
The APF front end in NodeWorx is equivalent to editing:
/etc/apf/conf.apf
The Trusted/Blocked access controls are equivalent to editing:
/etc/apf/allow_hosts.rules and /etc/apf/deny_hosts.rules
Add the server’s IP to Trusted and go from there.
Debug Mode is equivalent to DEVM=“1” (on) or DEVM=“0” (off) in the file /etc/apf/conf.apf. Be sure to turn this on when you experiment with APF’s rules.
As a stopgap you can ban country IP blocks, as well as domain names, with Apache’s config file or an .htaccess file. This might be the preferred way, depending on your situation.