Question about ip blocking

[masterb56]

I want to block ip ranges of OVH and Leaseweb since I get so many scanning bots from them trying to pry open and test my website security.

The problem is I can't pinpoint a particular ip cause it changes frequently. So I'm down to just blocking the whole ip range.

My question is, what's the effective way to block the ip? CF, iptables or via web server (Apache/Nginx)? I heard its a drain on server's resources with too much ips in the ip list. Should one just use cloudfare?

 

[skinner]

Use iptable..

iptables -A INPUT 1 -s IPADRESS -j DROP/REJECT

 

[DaringHost]

CloudFlare may be the easiest and more efficient solution for you.
It will not only block IP's that pose a threat to your website, but also it will help you website load faster to your visitors by cacheing static content.

 

[masterb56]

Thanks Daring. I just have reservations about couldfare cause I heard they don't handle high traffic sites.

 

[damoncloudflare]

CloudFlare and traffic

Hi,

CloudFlare isn't an issue with sites that have high traffic at all. We actually pump billions of pageviews through our network on a monthly basis.

 

[madaboutlinux]

You can block a whole IP range say 1.1.1.0/255 using CSF and iptables

CSF:

csf -d 1.1.1.0/24

Iptables:

iptables -A INPUT -s 1.1.1.0/24 -j DROP
service iptables save