Solved

Ban IPs by region on our server

Posted on 2014-01-10
2
446 Views
Last Modified: 2014-01-10
Hello

I have a 2 part question:

1. Is it a good idea to ban IP addresses by region on our server to increase our security? We mainly supply locally in our own country and do not need to be visible everywhere. Only a selected amount of countries. I do see numerous port scans coming from some countries that we would like to permanently limit access.

2. Where can we find these IPs and will it hinder the performance of the website and server if we have these bans in place.

Your comments are appreciated.
0
Comment
Question by:gregnvt
2 Comments
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 250 total points
ID: 39772804
While it might be a good idea, China alone has over 200 non-continuous IP address blocks.  http://www.nirsoft.net/countryip/cn.html  Those are just IPV4 addresses.  I don't have a list for IPV6.

MaxMind has a GeoIP by country database available.  http://www.maxmind.com/en/geolocation_landing   I don't know if it can be used by the server without a program.
0
 
LVL 11

Assisted Solution

by:MajorBigDeal
MajorBigDeal earned 250 total points
ID: 39772915
I think that is overkill, likely to create problems and not be effective.  When you see an address misbehaving you could just add it to your hosts.deny file.  That way if you get push back because someone can't get to your website because you have denied their IP, you have a solid, documented reason and explanation.

There is software available (like fail2ban or denyhosts) that can do this for you automatically.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question