allow to ip only and deny from everyone else

Discussion in 'OT Technology' started by RubiconSahara, Dec 30, 2006.

  1. RubiconSahara

    What is the best way to restrict a webadmin interface such as https://www.domain.com/admin/ to a specific IP only and deny from everyone else? I've had some brute force attacks on a box lately (none successful) and want to restrict the admin console to accept from a specific static IP only.

    Same goes with ssh access. How do I limit it to only accept from 2 specific IPs?

    I have a sshblacklist script running that watches the messages log for login attempts and after x amount of failed logins it adds a rule to iptables, but each attack I see is from a proxy and they just change proxies and go at it again. I have been seeing 3-4 brute force attacks daily for the last few weeks. At the moment I shut off ssh altogether, but this is a pain to deal with when I want to connect.

    Thanks
     
  2. Penguin Man

    For the web interface, I believe you can set it up through your .htaccess file.

    For SSH, I think you can do it through /etc/ssh/sshd_config (although I can't figure out how from the man page, so maybe it's not possible). You can definitely do it with iptables.

    Edit: iptables if you're running Linux. That would be pf (I believe?) on OpenBSD, and other things on other Unices.
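
The two approaches named in this thread (iptables for SSH, .htaccess for the admin directory), as an added example that is not from either poster. The function names and the addresses (RFC 5737 documentation ranges) are constructed for illustration, and the script only prints the rules so they can be reviewed before being applied:

```shell
#!/bin/sh
# Added example: prints rules for review; it does not change the firewall.
# Addresses are constructed (RFC 5737 documentation ranges).

is_ipv4() {
    # Dotted quad, each octet 0-255; rejects hostnames, CIDR and stray text.
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

ssh_allowlist_rules() {
    # Refuse an empty list: emitting only the DROP rule would lock everyone out.
    [ "$#" -ge 1 ] || { echo "need at least one source IP" >&2; return 1; }
    # Validate everything before printing, so output is all-or-nothing.
    for ip in "$@"; do
        is_ipv4 "$ip" || { echo "invalid address: $ip" >&2; return 1; }
    done
    # iptables is first-match: ACCEPT rules must precede the final DROP,
    # and any earlier rule that already accepts port 22 must be removed.
    for ip in "$@"; do
        echo "iptables -A INPUT -p tcp --dport 22 -s $ip -j ACCEPT"
    done
    echo "iptables -A INPUT -p tcp --dport 22 -j DROP"
}

admin_htaccess() {
    # Contents for /admin/.htaccess, Apache 2.2 syntax (AllowOverride Limit
    # must be enabled). On Apache 2.4 the equivalent is: Require ip <address>
    is_ipv4 "$1" || { echo "invalid address: $1" >&2; return 1; }
    printf 'Order deny,allow\nDeny from all\nAllow from %s\n' "$1"
}

ssh_allowlist_rules 203.0.113.10 198.51.100.7
admin_htaccess 203.0.113.10
```

Keep an existing SSH session open while applying the printed rules, and confirm a new login from an allowed address works before closing it.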
     
