How to disable access to specified ip in linux?
For example, it is brute force cracked by others, and others try to log in with different passwords:
So I want to directly disable access to these ips. What should I do?
Solution: Modify the configuration file /etc/hosts.deny
Put the IPs to be banned from ssh access in /etc/hosts.deny :
There is ip 117.136.38.47 in the config file.
Then when this ip tries to ssh login, it will:
The login is refused directly, and the user name and password will not be verified.
Contents of configuration file /etc/hosts.deny:
# # hosts.deny This file contains access rules which are used to # deny connections to network services that either use # the tcp_wrappers library or that have been # started through a tcp_wrappers-enabled xinetd. # # The rules in this file can also be set up in # /etc/hosts.allow with a 'deny' option instead. # # See 'man 5 hosts_options' and 'man 5 hosts_access' # for information on rule syntax. # See 'man tcpd' for information on tcp_wrappers # sshd:121.42.0.15 sshd:121.42.0.17 sshd:121.42.0.19 sshd:121.42.0.30 sshd:121.42.0.31 sshd:121.42.0.36 sshd:121.15.151.181
Use # to comment
ip partial matching is also supported:
Reference: Solve the problem of Alibaba Cloud host being attacked 2:
http://hw1287789687.iteye.com/blog/2269701