Block IP range but only for a specific port?
Posted: 15 Jun 2024, 20:19
Hi,
I’m looking for some advice on how to achieve a specific configuration using CSF.
I have a server that is currently getting hammered by junk web traffic from a whole load of IP addresses all beginning 18.xxx.0.0/16 (where xxx can be any of about 20 values).
I had initially just blocked those ranges entirely in CSF but with it being such a wide block that’s not really feasible - we have since had problems with email, for example, not being able to make it through.
My ideal would be to block these ranges on port 443 only as the junk traffic is all SSL web connections, but I’m not sure how I can block the ranges for that port while allowing traffic through for other services such as SMTP.
Any ideas?
I’m looking for some advice on how to achieve a specific configuration using CSF.
I have a server that is currently getting hammered by junk web traffic from a whole load of IP addresses all beginning 18.xxx.0.0/16 (where xxx can be any of about 20 values).
I had initially just blocked those ranges entirely in CSF but with it being such a wide block that’s not really feasible - we have since had problems with email, for example, not being able to make it through.
My ideal would be to block these ranges on port 443 only as the junk traffic is all SSL web connections, but I’m not sure how I can block the ranges for that port while allowing traffic through for other services such as SMTP.
Any ideas?