Hello Makers,

This guide will help you to secure your server from hackers and attacks by enabling IP blocking.

What is IP Blocking?

IP address blocking is a configuration of a network service that blocks requests from hosts with certain IP addresses. IP address blocking is commonly used to protect against brute force attacks and to prevent access by a disruptive address.

Why is my IP Blocked?

  • You logging in from a public network like the ones in a restaurant, a train, or an airport. Other people used this public IP address for suspicious activities, causing it to be blocked.

  • You have entered the Wrong Login credentials and tried logging in multiple times in a short time period.

  • You've entered the wrong credentials while logging into webmail multiple times.

  • You have tried logging into SSH with the wrong credentials.

  • Your computer is infected with a virus and is, for example, sending out spam.

  • Someone on your network has a virus or is related to suspicious activities.

  • You applied the wrong API credentials multiple times on your sites.

When your IP is blocked by a server firewall, you can't be able to access your server/sites. When you try accessing the server, it'll show a timeout error. And in this case, most of us think that the server is down. But it's not.

Usually, a Server firewall uses regular expressions to monitor log files for patterns corresponding to authentication failures, seeking for exploits, and other entries that can be considered suspicious. Such log entries are counted, and, when their number reaches some predefined value, the firewall either sends a notification email or bans the user's IP for a pre-defined length of time. When the ban period is over, the IP address will be automatically unbanned. It's an automatic process by the server firewall. And once the ban period is over, you will be able to access your sites/server without any issues and you may need to clear your browser cache in some cases.

Do IP bans do anything?

IP ban is implemented to protect the server from abuse such as brute force attacks, block emails from known spammers and limit usage by users. IP Ban allows a server to ban an IP address from accessing a Website, Server, or SSH.

Let's set up IP banning on your Plesk server!

  • Login to your Plesk server as a root/administrator.

  • Click on Tools & Settings

  • Now click on IP Address Banning (Fail2Ban) under the Security section.

  • Here you need to set up basic IP ban settings.

  • You need to enable the option, Enable Intrusion Detection

  • And set up Ban period and other two options well. You can enter the ban period in seconds. And don't forget to save the settings.

Now you've enabled the IP Blocking on your Plesk server.

How to unban IP or Whitelist the blocked IP addresses?

  • You can able to whitelist or unban the IP address, that is blocked by the server currently.

  • You can search for the IP address or just select the IP address.

  • Move to Trusted IPs option will move the blocked IP address to the Whitelist and it'll be not blocked again. Unban option will unban the blocked IP for now, and it may be blocked again in the future.

How to whitelist IP addresses?

  • You can able to whitelist the IP address, even it's not blocked before. It is suggested only if you're using the Dedicated Network IP addresses. If you're using public IP, then it's not recommended.

  • For this, you need to move on to the tab, Trusted IP Addresses.

  • Here you can add trusted IPs by clicking on an Add Trusted IP option. And also, you can able to remove the whitelisted IPs.

And that's it! Now you've enabled the IP Banning on your Plesk Server. Please feel free to contact us, if you've any further questions.

Happy Making!

Did this answer your question?