how do I block traffic from everywhere except 2 countries?
hi. my ip is being brute forced. they guessed my password after 86000 tries apparently. rebuilt the server with ssh keys this time.
installed fail2ban. now I want to block traffic from all countries except 2.
found this article https://www.webfoobar.com/node/54
any better ideas on how to do this than the one described above with fail2ban?
if not, how do I declare more than 1 allowed country?
country_list = PH|Philippines
how do I add more countries to the list above?
Thank you
1 Reply
jtoscani
Linode Staff
For your purposes a recommended approach would be using a service like Cloudflare instead of setting up an involved firewall. Your IP would remain hidden behind Cloudflare servers, and therefore would be much less susceptible to malicious traffic and DDoS attacks. To read more about the benefits you can review our guide, How to Set Up Cloudflare with Linode.
Blocking traffic from all countries except a few has the potential to take a toll on your server's resources. In addition, it's not an exact science and could result in both false positives and negatives - it's also easily circumvented with a VPN.
If you're set on moving forward with this, I'd recommend using iptables rather than Fail2ban for this type of firewall project. To that end, these resources provide good insight and guidance on how to carry out this type of task: