as root
Code:
$ ./ufw_deny_all.sh
Code:
#!/bin/bash
#-vx
file=server-ban-ufw-list.csv
for line in $(cat $file) ; do
ufw deny from $line to any
sleep 1
done < ${file}
This script will stop after 30 entries sonetimes ^s ^q will restart it
you can try
Code:
$ ./ufw_deny_all.sh || true
that may help
bash error checking is
There a lot of setup tutorials on UFW
I added allow to ssh (22)
only my static ips
I DID NOT allow ftp (I only use sftp and scp on 22)
I allow ftp when necessary I have a worpress on one server that needs it to update, After up dating I block ftp
You need to allow http and https
--------
Code:
barry@paragon-DS-7:~$ host 51.15.40.0
0.40.15.51.in-addr.arpa domain name pointer 0-40-15-51.rev.cloud.scaleway.com.
barry@paragon-DS-7:~$ host 37.9.114.0
Host 0.114.9.37.in-addr.arpa. not found: 3(NXDOMAIN)
barry@paragon-DS-7:~$ whois 37.9.114.0
Quote:
inetnum: 37.9.64.0 - 37.9.127.255
netname: RU-YANDEX-20111214
country: RU
org: ORG-YA1-RIPE
|
You want to block the *right* ips or CIDR /24 /20 etc.
I only block single IPs for abusive ISP users and not servers -- I will cut off whole datacenters on some servers -- without looking back. However I know i may lose some VPN users that are legit buyer (collateral damage).
On mail servers you need to only block some single IPs of spam servers (etc).
you need to allow the ports your mail server needs (<incoming)
Code:
#!/bin/bash
#-vx
file=server-ban-ufw-list.csv
for line in $(cat $file) ; do
echo host $line
sleep 1
done < ${file}
WHO THE IPs
that resolve ARE!
https://pastebin.com/28QEjW6B
Ahrefs and Semrush are spybots -- SEO for simpletons.
What bots look like IRL
The ones that do not resolve are servers in datacenters probably with no hostname entry.
If you don't want to do business with them -- block them -- that is up to you. Most legit (not all) ISP users (people) IP's resolve to hostnames.
$resolveip [ip] [hostname]
$man resolveip