Search our database

Block IP address at Directadmin using block_ip.sh

This tutorial will show you how to block IP address from DirectAdmin control panel.

This guide is only for Centos 6

Please be informed that DirectAdmin do not support this implementation, you will need to at your own risk. It is better to backup anything first.

1 – Replace IPTables script as follow

[root ~]# cd /etc/init.d/
[root ~]# mv iptables iptables.bak
[root ~]# wget http://files.directadmin.com/services/all/block_ips/2.1/iptables
[root ~]# chmod 755 iptables

If you are using custom port for SSH, you will need to edit iptables files.

You can check the port number by using below command :

[root ~]# cat /etc/ssh/sshd_config |grep Port
Port 9321

In this case, the SSH port is 9321. Edit iptables files and edit SSHD_PORT

[root ~]# vi iptables
Line 14: SSHD_PORT=9321

Be sure to have IPMI or console access if anything goes wrong after restarting iptables service.

/etc/init.d/iptables restart

If everything is okay, proceed with following step. Install block_ip.sh

[root ~]# cd /usr/local/directadmin/scripts/custom
[root ~]# wget -O block_ip.sh http://files.directadmin.com/services/all/block_ips/2.1/block_ip.sh
[root ~]# wget -O show_blocked_ips.sh http://files.directadmin.com/services/all/block_ips/2.1/show_blocked_ips.sh
[root ~]# wget -O unblock_ip.sh http://files.directadmin.com/services/all/block_ips/2.1/unblock_ip.sh
[root ~]# chmod 700 block_ip.sh show_blocked_ips.sh unblock_ip.sh

Last step is create empty block and exempt list file

[root ~]# touch /root/blocked_ips.txt
[root ~]# touch /root/exempt_ips.txt

These steps should activate a button in DirectAdmin at :

Admin Level -> Brute Force Monitor -> IP Info -> Block IP



Source : http://help.directadmin.com/item.php?id=380