What about a tool or config option to block some countries ?

[celyd]

What about a tool or config option to block some countries ?

 

[dmacleo]

like CSF where you enter a 2 letter code and it blocks all assigned ip's from that country?

 

[celyd]

like CSF where you enter a 2 letter code and it blocks all assigned ip's from that country?

Yes, something like that ... a simple tool integrated in DA would be great and I think many users need this feature.

It's simply because I am getting tired of hacking attempts from specific countries ;-)
I am aware of the scope of such a blockage, but none of the users of my server does not need the traffic from those countries (and even less in ssh or ftp for example).

 

[dmacleo]

csf is free and does integrate into DA, maybe its interim solution for you?
I agree, finally blocked all of china. tired of all the crap from there so said screw it.

 

[Aaron_E]

Wouldn't really need something like this. When I check our logs from fail2ban it's barely 5% from China. Blocking all countries that did some attempts on a few services would be the same as unplugging the cables

Only thing we do is rate limiting the amount of new connections that can be made to ssh/pop3/imap. Furthermore we're running fail2ban to ban the bots that keep trying / to keep auth logs a bit clean

 

[dmacleo]

would be interested in how fail2ban installs on DA.

 

[Aaron_E]

It's totally separate from DA Just disabled the bruteforce monitor in DA and installed fail2ban through the 'package manager' (ports in our case since we're running FreeBSD).

 

[dmacleo]

hmm will check it out, thanks.