[HELP] How can I only allow china to access port 80 and 443 only?

[darkbear]

Everyday, many china's ip is always try to hack my server and they always try to login account via dovecot1 and exim2
however I have no customers from china, and my customers and me they want China's client to view their website (http and https) only
so could you tell me how can I use CSF to allow they view webiste only and denied for all others ports?

Many thanks

 

[sysdev]

Maybe this will help: https://www.liquidweb.com/kb/how-to-block-or-allow-specific-ports-by-country-in-the-csf-firewall/

 

[darkbear]

thank, but I want to allow China's for only 80 and 443(and block for all ports else). what should I do?
thanks

 

[sysdev]

See the part 'Blocking Access to Specific Ports by Country'

The example uses port 21 but you would use 21, 110, 25, 587, 143, ... etc to block all open ports, except 80 and 443. ( or enter a range of ports to block).

 

[Kiekeboe100]

don't forget to allow port 25 or you won't be able to receive e-mail from china.

 

[darkbear]

Thank you sysdev and Kiekeboe100