This tutorial will show you how to block IP address from DirectAdmin control panel.
Please be informed that DirectAdmin do not support this implementation, you will need to at your own risk. It is better to backup anything first.
1 – Replace IPTables script as follow
[root ~]# cd /etc/init.d/ [root ~]# mv iptables iptables.bak [root ~]# wget http://files.directadmin.com/services/all/block_ips/2.1/iptables [root ~]# chmod 755 iptables
If you are using custom port for SSH, you will need to edit iptables files.
You can check the port number by using below command :
[root ~]# cat /etc/ssh/sshd_config |grep Port Port 9321
In this case, the SSH port is 9321. Edit iptables files and edit SSHD_PORT
[root ~]# vi iptables Line 14: SSHD_PORT=9321
Be sure to have IPMI or console access if anything goes wrong after restarting iptables service.
/etc/init.d/iptables restart
If everything is okay, proceed with following step. Install block_ip.sh
[root ~]# cd /usr/local/directadmin/scripts/custom [root ~]# wget -O block_ip.sh http://files.directadmin.com/services/all/block_ips/2.1/block_ip.sh [root ~]# wget -O show_blocked_ips.sh http://files.directadmin.com/services/all/block_ips/2.1/show_blocked_ips.sh [root ~]# wget -O unblock_ip.sh http://files.directadmin.com/services/all/block_ips/2.1/unblock_ip.sh [root ~]# chmod 700 block_ip.sh show_blocked_ips.sh unblock_ip.sh
Last step is create empty block and exempt list file
[root ~]# touch /root/blocked_ips.txt [root ~]# touch /root/exempt_ips.txt
These steps should activate a button in DirectAdmin at :
Admin Level -> Brute Force Monitor -> IP Info -> Block IP
Source : http://help.directadmin.com/item.php?id=380
