Blocking Countries by IP Address on Your Apache Web Server
Before I show you how, the more important item to address is how do we know what IP addresses go to a specific country or region?
There are web sites like CountryIPblocks.net that help you create .htaccess entries for blocking countries and regions by IP address ranges.
Screenshot below show me building a deny list for Asia for example.
Copy the IP ranges to your .htaccess file, save then reset the Apache server service.
>service apache2 restart
Welcome to the New World of Cyber Warfare
Below is a screenshot from CountryIPblocks.net providing a list of IPs to block Iranian web traffic. If a threat actor is actively engaged in sneaky sneaky bad stuff then using this site will help you identify IP ranges to block.
Today marks my first week of owning a WordPress blog.
I figured a week should be ample enough time to have the web server run and let the bad guys and bots take a swing at it. A review of my Apache web server log should show me what type of WordPress hacks would be attempted first.
My site is really new so I don’ t expect a lot of traffic. I downloaded my Apache web server log and noticed that apparently I had a lot of traffic for a brand new site that had not yet been promoted.
Once I downloaded and looked through the web server log file, a pattern quickly appeared. Lots of requests for a specific file called xmlrpc.php.
What the hell is xmlrpc.php?
I had found this in depth article about the xmlrpc file. For a more in-depth dive please check it out.