iptables - Automatically ban IPs that request certain pages - Ask Ubuntu


i want ban ips request pages e. g. example.com/weird.php , 1 send post request example.com/weirder.php.

i have searched lot, , learned several iptables, seems instructions centos. worry being locked out. i'm looking detailed , safe answer.

i use aws ec2, ubuntu , nginx.

first try on machine have physical access to.

ip tables

first, let's figure out ip tables rules block ip address. detailed instructions, check out guide.let's drop incoming connections particular ip:

iptables -a input -s a.b.c.d -j drop

after this, restart iptables regular. try out command check if works fine you, familiar syntax , proceed further.

bash script

let's create bash script block ip. (warning: might need play user permissions , sudo work). create new file, say, blockip.sh.

#! /usr/bin/env bash iptables -a input -s $1 -d drop <other stuff want when block ip> <note: ip address in variable $1>

run chmod +x blockip.sh make script executable. can run /path/to/file/blockip.sh 1.2.3.4.

sudo permissions

if script needs have root user permissions, need configure sudo provide passwordless access. referring this stack overflow question, run sudo visudo , add following line:

nobody = nopasswd: /your/script

save file , exit. security warning, make sure can modify script file or else, can potentially run harmful code root user modifying script.

php code

run little gem of code whenever want block someone.

exec("sudo /path/to/file/blockip.sh ".$_server['remote_addr']);

conclusion

first, test code on machine have physical access to. also, aware multiple users behind lan share same external ip , blocking 1 of them result in blocking of them. careful. upvote if answer helped you.


Comments

Post a Comment

Popular posts from this blog

download - Firefox cannot save files (most of the time), how to solve? - Super User

this not full duplicate of this question or this question , though base question same. however, questions have no answers. for on half year have problems downloading files firefox. when click on download link, download dialog opened asking me do, save or open it. immediately, there error/warning pop-up (twice, can see 1 @ first) ok button. looks this message : "c:\users\%user%\appdata\local\temp\wbbdv9k8.zip.part not saved because source file not read. try again later or contact server administrator." replace '%user%' name of user trying download. after closing pop-up, download dialog disappears , have minimize firefox , open again, see other pop-up. downloading exact same file internet explorer work, not desired. i tried solutions here . tried solutions here . tried disabling extensions. tried fixing permissions on temp folder. tried making files , folder in profile directory non-readonly. tried running firefox administrator. tried ...
Read more

windows - "-2146893807 NTE_NOT_FOUND" when repair certificate store - Super User

i try repair certificate store in windows 10 doing c:\windows\system32>certutil -store -user ‎330000019dba8d5dddb98062a900000000019d "personal" certutil: -store command failed: 0x80090011 (-2146893807 nte_not_found) certutil: object not found. i have double check mmc, certificate details serial number of certificate. still fail repair certificate store. can please help? i getting same error when trying export pfx. turns out had export c:\cert.pfx instead of cert.pfx (it trying export file cert store ( cert:\localmachine\my ).
Read more