So my web server has been port flooded, and port scanned by IP’s originating in China, Korea, and Russia. Iran also had a few knocks on port 80. So, I installed a better firewall, which does a lot more than just what a standard fw does. The ConfigServer Security and Firewall for WHM/Cpanel is a must have if you run a web server on Linux. This is my first day using it, so I have a lot to learn. One thing I am considering is blocking whole countries by their country code (CN) for China for example.
More on this latter. The portscans and flooding has gone way down, almost to zero. I’m really liking CSF so far..
Posted via email from bgarlock’s posterous