• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 285
  • Last Modified:

I want to block all visitors from country X

Hello,

I have experianced a number of attacks all from a specific country.

I would like to completely block access to all users from that country.

I realize that this is not fool proof because people from that country could still use a proxy.

I also realize that people in that country that are not hackers would not be able to access my web site but for the time being I still want to put this in place.

I use Linux / Cpanel / Apache.  I have iptables installed.

Is there any way I can block all access to people from the problem country?

Thanks!

0
hankknight
Asked:
hankknight
4 Solutions
 
EntityPacketCommented:
Why don't you just block the subnets your having attacks from?
0
 
hankknightAuthor Commented:
How do I do that?
0
 
mhequipitMH IT DeptCommented:
What kind of a firewall do you have?  This is important.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
EntityPacketCommented:
0
 
mhequipitMH IT DeptCommented:
Is your firewall and webserver 1 box?  I wouldn't do it on the webserver if you have a firewall in front, and if you have a linux box on the net with no protection I hope you are checking for rootkits.
0
 
Gabriel OrozcoSolution ArchitectCommented:
really really really you cannot protect yourself in this way.

any attacker can connect to a different box on other subnet and begin attacking you again.

if your problem is too many connections from one IP, then the best way is to just block it. I agree. just take in mind it would still consume your bandwidth.

but if your problem is security related, then you need to work to protect yourself on your own side instead trying to block progressively all the the Internet.
0
 
redcelltechCommented:
Do not firewall these connections from the host. I have seen instances where iptables will bring the machine to a crawl processing rules against connections. This is a job for a perimeter firewall. Also, if you could describe the attack in more detail that would help.
0
 
mhequipitMH IT DeptCommented:
Right on redcelltech.  That's why I was asking what kind of firewall, the config should be fairly simple once we have that information.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now