{"id":3008,"date":"2014-12-19T11:06:11","date_gmt":"2014-12-19T17:06:11","guid":{"rendered":"http:\/\/benincosa.com\/?p=3008"},"modified":"2014-12-19T11:36:46","modified_gmt":"2014-12-19T17:36:46","slug":"blocking-ip-addresses-from-your-server","status":"publish","type":"post","link":"https:\/\/benincosa.com\/?p=3008","title":{"rendered":"Blocking IP addresses from your server"},"content":{"rendered":"<p>My friend Shadd gave me a <a href=\"http:\/\/www.wizcrafts.net\/chinese-iptables-blocklist.html\">list of URLs<\/a> that I should try to block so that I could allow comments back on this blog. \u00a0Back in November, my site was down because I was getting spammed like crazy. \u00a0I&#8217;m not sure this is the best approach, because I don&#8217;t want to alienate half the world from my site. \u00a0But its worth a shot. \u00a0Also, with all this talk about North Korean hackers and stuff, we could all revisit our security settings to see how we&#8217;re doing.<\/p>\n<p>These commands work on CentOS.<\/p>\n<h2>iptables<\/h2>\n<p>First, copied the list into a text file called bad_ips. \u00a0Then run this script:<\/p>\n<pre class=\"striped:false marking:false ranges:false nums:false nums-toggle:false wrap-toggle:false lang:default decode:true \">for ip in $(grep -v \"#\" bad_ips | egrep -v \"^$\"); \\\r\ndo iptables -I INPUT -s $ip -j DROP; \\\r\ndone<\/pre>\n<p>The first grep in that command gets rid of lines with comments while the egrep gets rid of blank lines.<\/p>\n<p>Then you can do<\/p>\n<p><span class=\"lang:default decode:true  crayon-inline\">service iptables save<\/span><\/p>\n<p>Looking in the \/etc\/sysconfig\/iptables file you&#8217;ll see all those IP addresses are now blocked.<\/p>\n<p>This isn&#8217;t the end all solution. \u00a0There&#8217;s no reason a spammer couldn&#8217;t spin up an AWS instance on sovereign Oregon soil and hit me even closer. \u00a0But this should be a good start.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>My friend Shadd gave me a list of URLs that I should try to block so that I could allow comments back on this blog. \u00a0Back in November, my site was down because I was getting spammed like crazy. \u00a0I&#8217;m not sure this is the best approach, because I don&#8217;t want to alienate half the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[606],"tags":[607,608],"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/3008"}],"collection":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3008"}],"version-history":[{"count":2,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/3008\/revisions"}],"predecessor-version":[{"id":3012,"href":"https:\/\/benincosa.com\/index.php?rest_route=\/wp\/v2\/posts\/3008\/revisions\/3012"}],"wp:attachment":[{"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3008"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3008"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/benincosa.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3008"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}