How to block or whitelist specific countries through Plesk?

Follow

Comments

15 comments

  • Avatar
    Bragi Austfjörð

    @Stefan Yakubov

    I found out why blocking countries and opening custom port did not work it was do to my server has FirewallD running, after disabling firewallD everything started to work.

    1
    Comment actions Permalink
  • Avatar
    Daniel Vengoechea

    For anyone looking this is the complete security rule with all countries except US and CO

     

    SecGeoLookupDB /usr/share/GeoIP/GeoLiteCountry.dat
    SecRule REMOTE_ADDR "@geoLookup" "phase:1,chain,id:99999932392,drop,log,msg:'Blocking %{geo.country_code}'"
    SecRule GEO:COUNTRY_CODE "@pm AD AE AF AG AI AL AM AO AQ AR AS AT AU AW AX AZ BA BB BD BE BF BG BH BI BJ BL BM BN BO BQ BR BS BT BV BW BY BZ CA CC CD CF CG CH CI CK CL CM CN CR CU CV CW CX CY CZ DE DJ DK DM DO DZ EC EE EG EH ER ES ET FI FJ FK FM FO FR GA GB GD GE GF GG GH GI GL GM GN GP GQ GR GS GT GU GW GY HK HM HN HR HT HU ID IE IL IM IN IO IQ IR IS IT JE JM JO JP KE KG KH KI KM KN KP KR KW KY KZ LA LB LC LI LK LR LS LT LU LV LY MA MC MD ME MF MG MH MK ML MM MN MO MP MQ MR MS MT MU MV MW MX MY MZ NA NC NE NF NG NI NL NO NP NR NU NZ OM PA PE PF PG PH PK PL PM PN PR PS PT PW PY QA RE RO RS RU RW SA SB SC SD SE SG SH SI SJ SK SL SM SN SO SR SS ST SV SX SY SZ TC TD TF TG TH TJ TK TL TM TN TO TR TT TV TW TZ UA UG UM USs UY UZ VA VC VE VG VI VN VU WF WS YE YT ZA ZM ZW "

    1
    Comment actions Permalink
  • Avatar
    Daniel Vengoechea

    @bragi you should try workaround 2. It does work , test it with a vpn . I confirm it does work

    0
    Comment actions Permalink
  • Avatar
    n2linux acens

    WORKAROUND II

    https://dl.miyuru.lk/geoip/dbip/country/dbip4.dat.gz

    This URL is down 

    0
    Comment actions Permalink
  • Avatar
    Bragi Austfjörð

    And I'm paying money for this panel that can't even open a new port nor block country with country code

    0
    Comment actions Permalink
  • Avatar
    Bragi Austfjörð

    @Daniel Vengoechea

    Method II dos not work and is uselesss.

    This method is useless I'm running the latest Plesk panel and this dos not work at all just like opening a new port in firewall for SSH that doesn't work either.

    0
    Comment actions Permalink
  • Avatar
    Stefan Yakubov

    Hello,

    Thanks, the article is updated.

    0
    Comment actions Permalink
  • Avatar
    Bragi Austfjörð

    I'm forced to block every IP that is trying to hack my server using the firewall.

    0
    Comment actions Permalink
  • Avatar
    Bragi Austfjörð

    I found out that opening port via plesk firewall interface will not open port in firewallD. Just follow this and you will be all set. https://www.digitalocean.com/community/tutorials/how-to-set-up-a-firewall-using-firewalld-on-centos-7

    0
    Comment actions Permalink
  • Avatar
    Unknown User

    please update it 

    Plesk Obsidian 18.0.52 

     

    0
    Comment actions Permalink
  • Avatar
    Fadi Asbih

    Is there also a way to block a specific ISP, IP to ISP.

    i.e. block DigitalOcean, LLC

    0
    Comment actions Permalink
  • Avatar
    Stefan Yakubov

    Bragi Austfjörð in case you require clarifications on how to use that or have some additional questions regarding behavior in your environment -  you can contact technical support.

    0
    Comment actions Permalink
  • Avatar
    Martin Pineault

    @Daniel Vengoechea

    Do you have your "...complete security rule with all countries except US and CO..." in JSON format so I can Import it directly in Plesk after fine-tuning it?

    Thank you,

    0
    Comment actions Permalink
  • Avatar
    Stefan Yakubov

    Hello, Fadi Asbih

    Yes, you can find the list of DO subnets here:

    https://docs.digitalocean.com/products/platform/

    0
    Comment actions Permalink
  • Avatar
    Bragi Austfjörð (Edited )

    Yeah this is not working.

    After I have blocked countries like Bulgaria and Latvia, still manage to try to hack my server and the countries ip still shows up in IP Address Banning (Fail2Ban)

    Hope for the best :)

    -1
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request