I am curious, what is the best way to ban certain IP from accessing server? I have software firewall (APF) and there is, of course, /etc/hosts.deny.
Which is the most efficient? I've read that software firewall becomes unstable after so many entries. Does the same apply to /etc/hosts.deny file?
If you reboot, it's all gone. The best way is simply to write a start up script with the IPs you want to block so that it will be easier for you to add/delete them without messing with your config files:
You should try csf firewall it is easy to manage,
You can install by using the following steps and can block a particular IP address,
1) Log into your server and switch to the root user
2) Switch directories to your download directory
3) Download the latest version of the software: # wget http://www.configserver.com/free/csf.tgz
4) Untar the package: # tar -xzf csf.tgz
5) Switch into the new extracted folder: # cd csf
6) Run the installer: # sh install.sh
7) If you are still running APF and BFD on your server it is necessary to disable those applications: # sh disable_apf_bfd.sh
After that just use the command csf -d ip that you want to block
eg : csf -d 127.0.0.0
You can also configure CSF and LFD from WHM.
Support Facility | 24/7 web hosting technical support services Technical support | Server management | Data migration