Disable firewall for some IP

[asterix23]

Hello

I did install Directadmin on a new dedicated server, transfert my website to this new server, but one day later get noticed that Google bot is blocked on this new server, I got a huge drop on my website's traffic.

I did hire a guy to investigate, he told me that Directadmin firewall have a rate limit function that maybe cause Google being blocked.

How can I disable rate limit function from directadmin? or at least allow Google ip's to be ignored from this rate limit

Thank you

 

[Richard G]

I'm not aware of any limit on DA for Google Bot.

However, I'm just wondering if it's DA itself or CSF which DA is working with.
In CSF you can easily ignore the ip.

Edit /etc/csf/csf/csf.ignore and put Google's ip in there.
After that, restart csf and lfd. Via SSH this can be done by:
csf -ra

 

[factor]

Do you have mod_security on? They have rules for Bots over there as well.

Also on csf config you might check csf.rignore
Care should be used with this option as it could generate many
false-positives, especially Search Bots (use csf.rignore to ignore such bots)
so only use this option if you know you are under this type of attack



# The following is a list of domains and partial domain that lfd process
# tracking will ignore based on reverse and forward DNS lookups. An example of
# its use is to prevent web crawlers from being blocked by lfd, e.g.
# .googlebot.com and .crawl.yahoo.net
#
# You must use either a Fully Qualified Domain Name (FQDN) or a unique ending
# subset of the domain name which must begin with a dot (wildcards are NOT
# otherwise permitted)
#
# For example, the following are all valid entries:
# www.configserver.com
# .configserver.com
# .configserver.co.uk
# .googlebot.com
# .crawl.yahoo.net
# .search.msn.com
#
# The following are NOT valid entries:
# *.configserver.com
# *google.com
# google.com (unless the lookup is EXACTLY google.com with no subdomain
#
# When a candidate IP address is inspected a reverse DNS lookup is performed on
# the IP address. A forward DNS lookup is then performed on the result from the
# reverse DNS lookup. The IP address will only be ignored if:
#
# 1. The results of the final lookup matches the original IP address
# AND
# 2a. The results of the rDNS lookup matches the FQDN
# OR
# 2b. The results of the rDNS lookup matches the partial subset of the domain
#
# Note: If the DNS lookups are too slow or do not return the expected results
# the IP address will be counted towards the blocking trigger as normal
#

 

[asterix23]

Great thank you !!

 

[Richard G]

especially Search Bots (use csf.rignore to ignore such bots)

Ah yes you're right... should be csf.rignore.