directadmin官方有教程,如何屏蔽ip阻止Brute ForceAttack
http://help.directadmin.com/item.php?id=380
以下我將官方的教程漢化下:
1)第一步,配置iptables,讓block_ip.sh生效,DA官方的iptables文件適用于CentOS/Fedora,目前沒有在Debian或者FreeBSD上測(cè)試,或許支持,或許不知道debian/FreeBSD。
cd /etc/init.d
mv iptables iptables.backup
wget http://files.directadmin.com/services/all/iptables
chmod 755 iptables*** 注意,ipables默認(rèn)開啟的ssh端口是22,如果你的ssh端口不是22,請(qǐng)手動(dòng)修改iptables設(shè)置。
*** 注意,ipables默認(rèn)開啟的ssh端口是22,如果你的ssh端口不是22,請(qǐng)手動(dòng)修改iptables設(shè)置。啟動(dòng)iptables:
/etc/init.d/iptables restart
2) 第二步,安裝block_ip.sh腳本,block_ip.sh格式可以在found here找到 .
cd /usr/local/directadmin/scripts/custom
wget http://files.directadmin.com/services/all/block_ip.sh
wget http://files.directadmin.com/services/all/show_blocked_ips.sh
wget http://files.directadmin.com/services/all/unblock_ip.sh
chmod 700 block_ip.sh show_blocked_ips.sh unblock_ip.sh
3)創(chuàng)建blocked_ips文本:
touch /root/blocked_ips.txt
touch /root/exempt_ips.txt
去DA后臺(tái)操作下Home–>Brute Forece Monitor–>IP info–>Blcok this IP.
4)自動(dòng)封IP:
vi /usr/local/directadmin/scripts/custom/brute_force_notice_ip.sh
添加內(nèi)容:
#!/bin/sh
SCRIPT=/usr/local/directadmin/scripts/custom/block_ip.sh
ip=$value $SCRIPT
exit $?;
chmod 700 brute_force_notice_ip.sh
以下是FreeBSD相關(guān):
If you’re running FreeBSD with ipfw, you’d skip steps 2 and 3, and instead, add the following code to the file:
/usr/local/directadmin/scripts/custom/block_ip.sh
#!/bin/sh
echo “Blocking $ip with ipfw …<br>”;
ipfw add deny ip from $ip to any
exit $?
and don’t forget to chmod the block_ip.sh to 755.
