How an IP ban on a server? (Or how stop spam)

Lately I started to be more careful with blogs happens on the server. I found that I have a blog widely read, with many hits. An obvious example is in the picture below:

bots
Such spam bots They are many, and their comments gathered by the hundreds in Akismet. I know that WordPressThere option to an IP block who wants to comment, but this does not help very much, for two reasons.

1. If IP is blocked from WordPress -> Dashboard traffic reaches the server and there.
2. If a server is 100 blogs ... each one should block the same IP. (Headache)
3. From the same IP can try to look for security is vulnerable points, the other open ports. (I know I said two reasons. Unu`'s bonus)

Another way of an IP block access to a site, is editing the file .htaccessIn folderu root, where there are site files (usually public_html). I used to fantasize like that through June 2007 when I wrote the post "".
Method of blocking IPs. Htaccess, I do not recommend anyone, of one reason: the more loaded file. Htaccess, the loading time of the site grows. If 100 files. Htaccess would have many 50 the Directive on Apache (HTTP Server), you can put two candles candy :)

I think the third method is the best .. IP blockingfixes may level server, all portsUsing iptables.
In the picture above, it is seen IP 194.8.74.158, trying to spam pages from blog. Lock him at the server level is as follows.

root @ server [~] # / Sbin / iptables -I INPUT -s 194.8.74.158 j DROP
root @ server [~] # / Sbin / service iptables save
Saving firewall rules to /etc/sysconfig/ iptables: [OK] root @ server [~] #

Of course not to block IP in each hand. Of which I saw, bots are more IPs from the same block. In this case there is, ARIN si RIPE.

whois (ripe.net): 194.8.74.158

inetnum: 194.8.74.0 - 194.8.75.255
NetName: Dragonara-NET
Describe: Dragonara Alliance Ltd
country: GB

Ok. If IP comes from a region where they are sure they do not want visitors per server (either through the web or by mail), I have handy option to block access to two class C (Class C subnet), encompassing all IPs beach between 194.8.74.0 and 194.8.75.255.

/ Sbin / iptables -I INPUT -s 194.8.74.0 / 24 j DROP
/ Sbin / iptables -I INPUT -s 194.8.75.0 / 24 j DROP
/ Sbin / service iptables save

iptables -L, to see the list of IPs "Chain INPUT".

How an IP ban on a server? (Or how stop spam)

About the author

Stealth

Passionate about everything that means gadgets and IT, I write with pleasure stealthsettings.com from 2006 and I like to discover with you new things about computers and operating systems macOS, Linux, Windows, iOS and Android.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment is processed.