Geoblock question regarding blocking all ports except SMTP

1 post Page 1 of 1
wwnick
Junior Member
Posts: 5
Joined: 09 Dec 2018, 22:38


Hi,

We have a situation whereby we need two levels of geoblocking, and I was wondering if there was any way of achieving this in CSF as it stands.

We use the CC_DENY_PORTS option to block all FTP/SSH/cPanel/Mail ports from a dozen countries due to the amount of hack attempts that come from those countries. The only port we don't block is 25, as we want mail to be delivered from anywhere, particularly as there are mail filtering servers around the globe.

When DDoS attacks happen, we additionally want to block two or three countries from even reaching ports 80 and 443, so they don't drag the servers down.

For example, currently CC_DENY_PORTS might look like this:

KP,KZ,LT,RO,TR,CN,RU

and CC_DENY_PORTS_TCP like this:

20,21,22,53,110,143,465,579,587,993,995,1167,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,2408,2812,3306,7080

On occasion, we may want to additionally block CN & RU from the above ports AND 80 & 443.

Is there a way CSF can handle this at the moment?

Alternately, maybe a feature request could be to add an option, such as CC_DENY_25, whereby any countries in CC_DENY will block all ports when CC_DENY_25 is disabled, and all ports except 25 when CC_DENY_25 is enabled?

Thank you for any suggestions/help.