Portal Home > Knowledgebase > Articles Database > How to null route China?
How to null route China?
Posted by Gigaron, 03-16-2008, 02:43 AM |
I use geoip so that if ($country="CN") { die(); }
This works on my site. But for some reason I still get the occasional IP's through.
I looked at my Lighttpd server-status and I have 600 connections from 3 different IPs that come from China.
I typically use ./route add -host 222.221.81.3 reject as the way to block them, but it changes from time to time. The Chinese are using 90mbps of bandwidth and I want it to stop as they must be directly hotlinking my content.
How to null route large blocks from China? Please note I want to keep Hong Kong, Macau and Taiwan.
|
Posted by LoganNZ, 03-16-2008, 02:47 AM |
mod_evasive will help with the hotlinking/high concurrent connections.
You can find china IP range lists via google, you will always get the occasional one that slips through. Not to mention the ones that use a proxy.
|
Posted by Gigaron, 03-16-2008, 02:52 AM |
Mod_evasive is for 1.5.0, and I use 1.4.18. So I can't do this method.
How to add the IP range via the shell? I can only do it for 1 IP at a time.
Thanks.
|
Posted by whitehorn, 03-16-2008, 03:29 AM |
you can try csf also
|
Posted by Gigaron, 03-16-2008, 03:31 AM |
what's that?
|
Posted by david510, 03-16-2008, 05:42 AM |
It is a firewall program. You can see details at http://configserver.com/cp/csf.html
|
Posted by LoganNZ, 03-16-2008, 05:43 AM |
Check out www.configserver.com
They offer a free, easy to use and easy to install web GUI to control many aspects/configs;
Firewall Management
User process security (LFD)
ConfigServer.com also offers some other packages which can aid a lot in managing the basic security points of your linux-cpanel box.
Good luck
Best Regards,
Logan
|
Add to Favourites Print this Article
Also Read