New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Use CSF to block access to the port and then CC allow one country
CC_ALLOW_PORTS = COUNTRY
CC_ALLOW_PORTS_TCP = PORT
CC_ALLOW_PORTS_UDP = PORT
Just remember the CC codes are ISO 3166-1 alpha-2. Save and restart CSF
Just use a login_pre.sh script to validate caller ip. Would be waaaayy more neat to use native DA features over 3rd party shit csf (also isnt a DA thing per se)
Nothing's wrong to block IP at network (iptables) level and not on application (DA), less load on server.
Yes the login_pre script is great for restricting access to set IPs but doesn’t work for a whole country
In the end CSF or anything would use an IP set to compare against. Just make a php script hook a maxmind db and judge country that way. That’s how one would do it in DA (as per the question). Whether it is most efficient, is the question...
I wish they would do an email notification When logged in as admin.
login_post.sh is your best friend (is called after succesful login). While not tested, it should be something along the lines of;
Thanks, where would this go?
/usr/local/directadmin/scripts/custom/
If you are not using scripts in DA yet, you are likely not using it right ;-)