How an IP ban on a server? (Or how stop spam)

Lately I started to be more careful with blogs happens on the server. I found that I have a blog widely read, with many hits. An obvious example is in the picture below:

Such spam bots They are many, and their comments gathered by the hundreds in Akismet. I know that WordPressThere option to an IP block who wants to comment, but this does not help very much, for two reasons.

1. IP if blocked from WordPress -> Dashboard, get to the server and there is traffic.
2. If a server is 100 blogs ... each one should block the same IP. (Headache)
3. From the same IP can try to look for vulnerable security points on other open ports. (I know I said two reasons. one is a bonus)

Another way of an IP block access to a site, is editing the file .htaccessIn folderu root, where there are site files (usually public_html). I used to fantasize like that through June 2007 when I wrote the post "".
Method of blocking IPs. Htaccess, I do not recommend anyone, of one reason: the more loaded file. Htaccess, the loading time of the site grows. If 100 files. Htaccess would have many 50 the Directive on Apache (HTTP Server), you can put two candles candy :)

I think the third method is the best .. IP blockingfixes may level server, all portsUsing iptables.
In the picture above, it is seen IP 194.8.74.158, trying to spam pages from blog. Lock him at the server level is as follows.

root@server [~]# /sbin/iptables -I INPUT -s 194.8.74.158 -j DROP
root@server [~]# /sbin/service iptables save
Saving firewall rules to /etc/sysconfig/iptables:          [  OK  ]
root@server [~]#

Of course not to block IP in each hand. Of which I saw, bots are more IPs from the same block. In this case there is, ARIN si RIPE.

whois (ripe.net): 194.8.74.158

inetnum:         194.8.74.0 - 194.8.75.255
netname:         DRAGONARA-NET
descr:           Dragonara Alliance Ltd
country:         GB

Ok. If IP comes from a region where they are sure they do not want visitors per server (either through the web or by mail), I have handy option to block access to two class C (Class C subnet), encompassing all IPs beach between 194.8.74.0 and 194.8.75.255.

/sbin/iptables -I INPUT -s 194.8.74.0/24 -j DROP
/sbin/iptables -I INPUT -s 194.8.75.0/24 -j DROP
/sbin/service iptables save

iptables -L, see the "Chain INPUT" IP list.

Passionate about technology, I enjoy writing on StealthSettings.com since 2006. I have a rich experience in operating systems: macOS, Windows, and Linux, as well as in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).

How to » Internet » How an IP ban on a server? (Or how stop spam)
Leave a Comment