New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
SSH & WHM Restriction by Geo IP Location
Mahfuz_SS_EHL
Host Rep, Veteran
in Help
Hi,
I googled to restrict SSH Access & WHM Access by IP and found some tutorials. I applied them & result was successful. But, Is it possible to restrict it by Country IP ??
I mean like 23.56.78.90 is a IP registered in USA (As per Geo IP Location in DomainTools). Now, I want to restrict SSH Access by USA IP so that if any one wants to access SSH from an IP that is geo-located in the USA, it will login otherwise IP's from China, Bulgaria will be refused from Login.
Thanks,
Mahfuz.
Comments
Would be pointless IMO
No Way to do so ?? :-/
Yes, it's possible ...
http://www.fail2ban.org/wiki/index.php/HOWTO_use_geoiplookup
more available here ...
https://www.maxmind.com/en/geoip_resources
A few days ago I wrote up a tutorial on this forum about how to do GeoIP with IPTables. It is EASY to achieve with the
xtables-addons
package. Read more:http://lowendtalk.com/discussion/24428/tutorial-iptables-geoip-port-knocking-and-port-scan-detection
Don't forget to re-run the related GeoIP database download commands every month (e.g. via cron job) after Maxmind updates it (should be before the 10th or so). Here is an example update script and cron job.
@ehostlab This will NOT be 100% effective due to people using VPN or compromised servers in your allowed countries to bypass your restriction.