FirewallD or IPtables?

By many users of the other panel you mean. It's not installed by default there either and we never used it on cpanel.

No Popular because I use it... ok and George too.. isn't that enough...:cool: I don't have any statistics so maybe its not wildly popular.

I use it mostly because when I block countries. Actually if I could just block Facebook to it would be grand. I am open to not needing it though if you all can train me up. I bow due to the lack of Statistics..
 
With IPSET we use limits set to 1000 just because we don't need more, though it's possible on servers.

[offtopic]: The Cambridge dictionary https://dictionary.cambridge.org/dictionary/english/crap states the word as offensive, and here the word https://www.merriam-webster.com/dictionary/crap is marked as vulgar. It is very rude when translated to Russian. Don't know how much is it normal in the world, probably "stront" does not sound rude when it is used in a meaning of "uitgescheiden afvalstoffen van mens of dier".

Alex et al: sorry for creating a distraction from the real topic...

I actually don't know "stront". Which in my case is since I don't speak, read whatever language it is (assuming Stront is Russian might be something else) I wouldn't be offended I would be ignorant.. essentially you could list off the top 100 worst Russian curse words and I would not know.. Not that I wouldn't want to learn Russian but no time currently.. Mandarin is my current interest. Unfortunately or fortunately for you, you speak and read English as well. However you are applying a Russian custom or mind to an English word. "Crap" is not what we would consider a Strong Curse word. Speaking in general Slang.. Formal language yes I think it might be based on the dictionary. Not defending Richard here for his use of "crap". Also not telling you how to think.. just giving the US English perspective. It's more like you just dropped you Beer or drink you give it an "AH crap!!" They you hope someone gets you a new one...:cool:

Truth be told I thought it was the Russian part of the comment that offended you. I don't honestly know if you are Russian.. I can only guess based on your website and your name generally seems to be from that part of the world. That is fine by me.. you are way smart, friendly, and you seem to care a great deal about DA. I personally don't care where most people are from... sorry for creating a distraction from the real topic... I actually like knowing other people from half way around the world.

It is like I said here https://forum.directadmin.com/showthread.php?t=58294&p=298268#post298268

"We should all care to help each other in all aspects of our lives." The people all over the world are good. Sure there will always be good and bad.. In general everyone I have ever met or talked to (I mean real people, not what we see on tv) Chinese, Japanese, Mexican, Russian, Lithuanian, Hebrew, Greek, Dutch, African, Nigerian, Germany, Scottish, and all.. They all care about the same things like me I eat, sleep, care about family and being happy. Just like you. right?

Stay well everyone... I will stop now...
 
[offtopic]
zEitEr said:
It is very rude when translated to Russian.
Well I'm not Russian and another word for stront is sh*t, which is also widely used in certain occasions (like "oh sh*t they hacked me again) but is less polite. Still i don't want to offend you but the word crap is really often used. Try and do a search on the forums here with the word crap and see how often it's used. You will not have enough on 3 pages of search results I can tell you up front.
You can use multiple dictionaries and I used https://www.linguee.nl/nederlands-engels/search?source=engels&query=crap and others for it to look it up after your statement.
As more often in English, a word can have multiple meanings and normally the word crap on forums is used when they mean nonsense and not stront (they use the word sh*t for that). In spite of the fact that I also could have said "sh*tty" attachs of the Chinese and Russions, because those attacks are. But I offend the attackers with it then not all Chinese or all Russians, seems clear to me. However I specially did not use that word, because I find that a bit undecent for a forum.

In some country's things weigh differently but I can't go walking on my toes for every word which I see a lot around on various forums. However, if you felt personally insulted, then in your case I would like to apologize, because I know there are also good Russians ofcourse and you're one of them. I don't want to get into bad feelings with you just over a word used.
I will try to remember but please try to look at it in a general way if I would use it in the future again.
[/off-topic]

@bdacus01: Thank you for your point of view, like the "ah crap" you explained is, is exactly the way I ment it, just rather common used in English. But just because zEitEr is a cool guy I'll try to remember not to use it.

As for IPSET
eve2000 said:
Overall cpu utilisation was around 40-45% for entire LEMP stack on a 4 cpu thread VPS.
I'm glad we never had this kind of attacks, or were rerouted by the datacenter before reaching us. But indeed that looks very good.

I you would have answers to the questions I had (1 to 3 on the previous page), that would be very nice.
 
Offtopic but important to this topic to!

Yep good RU and some other country eastside of US ( Germany).
People to

Custommers to and so on.

No really every country has hackers spammers and co or using services out of every country for a while ago a lot of old php cms wordpress and co systems are abused all over the world fast changing ip's and boxes trying scripts on our boxes, so after block again other ip very quick from other old php box. ( did some looking up php 5.3x and php 5.4x mostly)

Not "dead" server where those came from but live normal ( to old php) websites servers with cms systems still in use and working, in Netherlands Germany and so on, calling some of those hosters to warn them uhu thet where very very unpolite. ( cr.ppy, sh.t, str.nt m.rde)

So blocking tld / country ip block for us makes only sense for those region which aren't using our services or products, or whom we don;t want to deliver while to much extra costs or work.
That kind of blocking also use less power while visitors scrapers, search engines from those country's aren't using our resources then!

TO all admins keep in mind if you're blocking country's , your custommers agreed and knowing which country's , if they want to do bussines with RU, CN whatever who are you to block their bussines?

For the most normal Servers ( not infrastructure and other important services as some high tech development and co) it aren't country's but mostly people and "criminals" who are trying to hack, spamm, phising and co out of every country sometimes even "good" friends or coworkers do.

The utopic world , is every admin / hoster keeps his/her/it server clean and uptodate, so those box can't used for such attacks to others!


And even if so they are nice to the ones pointing out the problems to them solving quick and so on! :confused:

So in EU they should have a law for that, if a box / ip is doing abuse / hackiing things should go ofline in one EU DATAbase keeping track, no need for whatever commercial payed lists, no noone can reach that boxes ip and the otherway arround, only after cleaning up a quick AI automatic procces to check and delete if clean out of that list.

I don;t like some BLACKlist where it is to hard to get off or even you have to for whitelist pay money????? ( Clean is clean so why) everyone can make a mistake sometimes, also your custommers this is human!

Oyea the worse "hackers" ofcourse are facebook amaz.n and such company's for your all privacy and co,
We don't like google trackers on our servers /websites even if the are doing "so much only good things" they promissed once. :(
 
Last edited:
I'd be careful with country level blocking, you can end up blocking sites/urls which are required to download updates to your server i.e. CSF Firewall's auto update

i.e. if you blocked Germany for CSF Firewall updates

Code:
dig +short A download.configserver.com | while read i; do curl -s https://ipinfo.io/$i; done
{
  "ip": "85.10.199.177",
  "hostname": "download.configserver.com",
  "city": "Roesrath",
  "region": "North Rhine-Westphalia",
  "country": "DE",
  "loc": "50.8980,7.1759",
  "postal": "51503",
  "org": "AS24940 Hetzner Online GmbH"
}
 
I never use country blocking as this would also prevent mail from these country's to our customers. That would not be very good for our business.
 
I'm sorry, and bring my apologies for the off-topic. Yes, I see what you mean. I'm sure no one intended to insult anybody. Thanks, guys, for your support and clarification. There are too many hate on TV and near-by. I hope we are above all of it.

I believe attacks are coming out of the world, and that's not about a nation, it is about an IT infrastructure in certain cases. We know all how many attacks are coming from OVH, and it does not mean that French people are doing them all. I have some servers from OVH too, and I'm not a French.

And unfortunately in Russia too many servers get hacked everyday and become a part of a bot-net. And I'm sure that is not because we are bad here.

Peace ;)


And as for IPSET, at least in my experience we have a speed improvement with CSF restart when we use IPSET+FASTSTART.
 
There are too many hate on TV and near-by. I hope we are above all of it.
You're right about that. And in spite of the fact that Putin is lying about some things, I'm also sure of the fact that Russia is unjustified being blackened as being the "bad ones". Many country's are not really better. I also hope we're all above that.

No need to be sorry, I'm open and honest and rather have people saying something about it if they think it's not the way things should be said, then if they say nothing but think bad of me. At least this way you and me both had a chance to explain ourselves.

I fully agree with you on the things you said. It's just commonly said "the chinese, the russions, french, americans etc." while it is indeed the infrastructure, which often can be used by any country.

Glad we agree and we don't have hard feelings. ;)

Thank you for your insight on ipset too!
 
Back
Top