Blocking IP Ranges In CSF

Discussion in 'Linux Guides' started by Chuck, Dec 9, 2017.

  1. Chuck

    Chuck Administrator
    Staff Member Grep What?

    Joined:
    May 17, 2017
    Messages:
    39
    Likes Received:
    0
    If you run a server you will have to do some IP range blocking, it is inevitable. CSF (Config Server Firewall) makes this quick and easy to do. If you are not sure just how IP ranges work or which block to block here is a simple explanation.

    We recently were seeing a bunch of malicious bots from some Chinese IPs like:

    123.125.143.5
    123.125.143.11
    123.125.143.44
    etc...

    In this case we will just block this entire range, so that looks like:


    Code:
    123.125.143.0/24
    If you don't want to block an entire range and you know the start and finish IP you can go here. This tool converts to CIDR format for you which CSF requires when blocking ranges.

    Now in SSH add it:


    Code:
    csf -d 123.125.143.0/24

    If you are having to block large amounts of IPs and ranges you should also look into the "CC_DENY" option in CSF. This blocks large amounts of IP and ranges with minimal resource use.
     

Share This Page