How to use CSF Firewall features:
- CC_DENY
and
- CC_ALLOW
I am getting a lot of attempts to access ssh, so I would like to block all countries, instead of having to add them one by one.
Of course, leave only my country as allowed.
UPDATE 2020-02-13
After researching a lot I found that:
CC_DENY = If you want to block the country, this is where you must enter the country code.
CC_ALLOW = Here is the catch, if you put your country's code here, it will do the general release, including firewall ports. In other words, your country will not respect any rules of your firewall.
I will leave my contribution of country codes. REMOVE YOUR CODE.
CC_DENY = "AD,AE,AF,AG,AI,AL,AM,AO,AQ,AR,AS,AT,AU,AW,AX,AZ,BA,BB,BD,BE,BF,BG,BH,BI,BJ,BL,BM,BN,BO,BQ,BS,BT,BV,BW,BY,BZ,CA,CC,CD,CF,CG,CH,CI,CK,CL,CM,CN,CO,CR,CU,CV,CW,CX,CY,CZ,DE,DJ,DK,DM,DO,DZ,EC,EE,EG,EH,ER,ES,ET,FI,FJ,FK,FM,FO,FR,GA,GB,GD,GE,GF,GG,GH,GI,GL,GM,GN,GP,GQ,GR,GS,GT,GU,GW,GY,HK,HM,HN,HR,HT,HU,ID,IE,IL,IM,IN,IO,IQ,IR,IS,IT,JE,JM,JO,JP,KE,KG,KH,KI,KM,KN,KP,KR,KW,KY,KZ,LA,LB,LC,LI,LK,LR,LS,LT,LU,LV,LY,MA,MC,MD,ME,MF,MG,MH,MK,ML,MM,MN,MO,MP,MQ,MR,MS,MT,MU,MV,MW,MX,MY,MZ,NA,NC,NE,NF,NG,NI,NL,NO,NP,NR,NU,NZ,OM,PA,PE,PF,PG,PH,PK,PL,PM,PN,PR,PS,PT,PW,PY,QA,RE,RO,RS,RU,RW,SA,SB,SC,SD,SE,SG,SH,SI,SJ,SK,SL,SM,SN,SO,SR,SS,ST,SV,SX,SY,SZ,TC,TD,TF,TG,TH,TJ,TK,TL,TM,TN,TO,TR,TT,TV,TW,TZ,UA,UG,UM,US,UY,UZ,VA,VC,VE,VG,VI,VN,VU,WF,WS,YE,YT,ZA,ZM,ZW"
CC_ALLOW = ""
Use
CC_DENYto block countries in your serveror
Use
CC_ALLOWto whitelist countries in your serverAllowed values are two-letter ISO Country Code(s) e.g. "US,GB,DE"
Caution must be taken when using this setting as you might completely block yourself or your visitors.
A better solution might be to change the default ports of services e.g., SSH port.