How to Block China and other Countries in WHM

If you’ve been battling constant attacks from hackers and spammers in China or other countries, there is a way to prevent them from accessing ANY site on your Linux server, and the installation of this wonderful solution is a lot easier then you might expect. Most Admins usually add the long list of each countries IPs to the htaccess file of each websites root directory, but this can create an enormous file that can sometimes fail, especially if you’re running WordPress or some other type of CMS that adds entries automatically. WordPress does have a plugin available (IQ Block Country) that can block country IPs without creating a large htaccess file, but I’ve found that it can run into conflicts with caching plugins, so you’re much better off by simply blocking the unwanted traffic from the server level.

The name of the solution I’m speaking of is the Config Server Firewall ( CSF ) firewall, which is open source (although they DO appreciate donations to help support their efforts) and is loaded with a ton of features, but for the purpose of this article we’ll just address how to block out unwanted traffic from countries. The way that CSF works is that it uses the Maxmind geoIP database to identify the IP ranges of whichever country you specify that you want to block, and then sets a filter at the root level to block incoming traffic from those IPs. You do however need to be very selective on how many countries you add since adding too many can slow down your server.

Get the country codes for the countries that you want to block

Before installing the CSF, go to the World Atlas to retrieve the country codes of the countries you want to block (they’re the ones in the A2 column), and bookmark this page for quick reference in case you want to block other countries in the future.

Install CSF through your SSH console

Execute the following commands through your SSH console:

wget http://www.configserver.com/free/csf.tgz
tar -xzf csf.tgz
cd csf
sh install.sh

Restart your server

Once you’ve installed it you can restart your server and all your services, and you’ll see the entry “ConfigServer Security&Firewall” from within the Plugins tab in your WHM.

Add the countries you want to block to the CSF

1. Click on ConfigServer Security&Firewall from within your Plugins tab to open the CSF control panel, then click on “Firewall Configuration” under the column that says “csf – ConfigServer Firewall”
2. At the top of that page you should see a drop-down menu where you can select “Country Code Lists and Settings” which you’ll want to select and enter the country codes you got earlier in the box next to “CC_DENY =”     ex:  CC_DENY = CN,HK
3. Scroll to the bottom of that page and hit “Change” and restart the services

Note: Make sure once everything is done that the top of the CSF Control Panel shows “Firewall Status: Enabled and Running”, and that’s it, you’re now blocking your chosen countries from the server level!