Can't Access Plesk Admin Because Of DOS Attack, Block IP Address Through SSH? - PhpOut

olimits7
September 6, 2012
123 views
3 votes
3 Answers

I can’t access Plesk Amdin because of DOS attack; can I block a hostname or IP address through SSH? If so, how would I be able to do this?

Thank you!

Tags: apache ddos denial-of-service plesk ssh

Answers

- LeonardChallis
- November 16, 2012 at 9:18 am
- 0 votes
0
Probably the easiest is to SSH to your box use vim to and add the following to the top of your .htaccess file in the root of your domain (/var/www/vhosts/yourdomain.com/httpdocs/.htaccess):
```
deny from 12.345.67.89
```
Obviously replace the IP address with the one you want to block. Repeat this for any sites you think are being attacked.
Login or Signup to reply.

- denizeren
- November 19, 2012 at 5:51 pm
- 0 votes
0
If you have iptables you can block it using simple rule:
```
iptables -I INPUT --source 1.2.3.4 -j DROP
```
This rule drops packets coming from IP 1.2.3.4.
Login or Signup to reply.

- ArrowInTree
- December 6, 2012 at 3:17 am
- 0 votes
0
iptables -I INPUT -p tcp -s 1.2.3.4 -m statistic –probability 0.5 -j DROP
iptables -I INPUT n -p tcp -s 1.2.3.4 -m rpfilter –loose -j ACCEPT # n would be an numeric index into the INPUT CHAIN — default is append to INPUT chain

iptables -I INPUT -p tcp -m hashlimit –hashlimit-mode srcip -s 1.2.3.4 –hashlimit-srcmask –hashlimit-above 9/second -j DROP

iptables -I INPUT -p tcp -s 1.2.3.4 -m limit –sport 80 –limit 100/second -j ACCEPT

There are countless others for your circumstances.

Sincerely,

ArrowInTree

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.