New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Every server is different but for me not just blocking Chinanet but blocking China reduces hack attempts by more like 50%.
If your website or server does not need traffic from a particular country and that country is responsible for a significant amount of the shot traffic testing services on your open ports it totally makes sense to just drop all traffic from those sources. It totally makes your server more secure. You have just eliminated a significant amount of current and future threats.
There are plenty of modules one can load which will allow you to block countries based upon poorly-defined IP addresses.
poorly-defined - I'd be less charitable, this being 2017 and all
T'is nearly 2019.
You can export the free IP address table by country from https://www.ip2location.com/free/visitor-blocker and apply it in your firewall. Multiple formats supported. This is one of the most comprehensive firewall list I found.
I look at what ports the server is listening on (using netstat) and take it from there.
I don't block anything just for the sake of blocking stuff. Only what I believe is necessary based on what applications/services are exposed. By doing it that way I think you end up with a better understanding of what is going on with the server which makes you a better admin.