Can't Access Plesk Admin Because Of DOS Attack, Block IP Address Through SSH?

Question

I can't access Plesk Amdin because of DOS attack; can I block a hostname or IP address through SSH? If so, how would I be able to do this?

Thank you!

score 3 · Answer 1 · answered Nov 19 '12 at 16:51

3

If you have iptables you can block it using simple rule:

iptables -I INPUT --source 1.2.3.4 -j DROP

This rule drops packets coming from IP 1.2.3.4.

answered Nov 19 '12 at 16:51

denizeren

934
8
20

Your answer was really helpful for me. Thanks a lot! – Daniel Kmak Aug 27 '13 at 11:32

score 0 · Answer 2 · answered Nov 16 '12 at 08:18

Probably the easiest is to SSH to your box use vim to and add the following to the top of your .htaccess file in the root of your domain (/var/www/vhosts/yourdomain.com/httpdocs/.htaccess):

deny from 12.345.67.89

Obviously replace the IP address with the one you want to block. Repeat this for any sites you think are being attacked.

score 0 · Answer 3 · answered Dec 06 '12 at 02:17

iptables -I INPUT -p tcp -s 1.2.3.4 -m statistic --probability 0.5 -j DROP iptables -I INPUT n -p tcp -s 1.2.3.4 -m rpfilter --loose -j ACCEPT # n would be an numeric index into the INPUT CHAIN -- default is append to INPUT chain

iptables -I INPUT -p tcp -m hashlimit --hashlimit-mode srcip -s 1.2.3.4 --hashlimit-srcmask --hashlimit-above 9/second -j DROP

iptables -I INPUT -p tcp -s 1.2.3.4 -m limit --sport 80 --limit 100/second -j ACCEPT

There are countless others for your circumstances.

Sincerely,

ArrowInTree

Can't Access Plesk Admin Because Of DOS Attack, Block IP Address Through SSH?

3 Answers3

Linked