Block based on domain




Posted by Skeptical, 07-02-2010, 06:40 AM
Is there a way using IPTables to drop all requests coming to a certain domain name? For instance, all requests coming in to www.a.com will be dropped. No replies, no error pages, just dropped. If it's possible, how can it be done? Btw, I know, it's probably not a good practice. But need to get it done now. Thanks!

Posted by OLM | DavidG, 07-02-2010, 08:05 AM
If the domain is on a unique IP address, then yes. Something like this should do the trick (where 1.2.3.4 is the domain's unique IP address):

    iptables -A INPUT -d 1.2.3.4 -j DROP

Posted by Skeptical, 07-02-2010, 08:47 AM
The problem is, it's on a shared IP.

Posted by madaboutlinux, 07-02-2010, 08:51 AM
You cannot block a domain using iptables. Well, if you don't require any requests coming from that server, block the shared IP itself. BTW, what sort of requests are coming from that domain? If they are trying to inject/hack anything, send a report with the logs to the hosting provider of that website.

Posted by Aigen_tech, 07-02-2010, 09:25 AM
Hi, why don't you just suspend the domain?

Posted by madaboutlinux, 07-02-2010, 09:28 AM
I misread the actual question of the OP. Yes, just suspend the domain as there is no exact solution for it...

Posted by centauricw, 07-02-2010, 10:03 AM
The thing to remember is that iptables is IP address based (hence the name). Even though you use domain names in the iptables rules, it simply does a DNS lookup to get the matching IP address, and ends up blocking the IP address.
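
Added example, not part of any post in this thread: a pre-check for the unique-IP condition discussed above. It emits the DROP rule only when the domain has its IP address to itself, and otherwise lists the sites that the same rule would also cut off. The "domain ip" map format, the function names and the 192.0.2.x addresses are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: "domain ip" pairs, e.g. exported from a hosting panel
# or the web server's vhost configuration (documentation addresses only).
sample_map() {
cat <<'EOF'
www.a.com 192.0.2.10
www.b.com 192.0.2.10
shop.c.com 192.0.2.10
www.d.com 192.0.2.20
EOF
}

# drop_rule_for_domain DOMAIN   (hypothetical helper; map is read from stdin)
# iptables matches on addresses, so a DROP on a shared IP hits every site on it.
# Exit status: 0 = rule printed, 1 = IP is shared, 2 = domain not in the map.
drop_rule_for_domain() {
    awk -v want="$1" '
        BEGIN { want = tolower(want) }
        # Skip comments and malformed lines; host names are case-insensitive.
        NF >= 2 && $1 !~ /^#/ { ip[tolower($1)] = $2 }
        END {
            if (!(want in ip)) { print "unknown domain: " want; exit 2 }
            target = ip[want]
            # Collect every other domain that resolves to the same address.
            for (d in ip)
                if (d != want && ip[d] == target) shared = shared " " d
            if (shared != "") {
                print target " is shared with:" shared
                exit 1
            }
            print "iptables -A INPUT -d " target " -j DROP"
        }'
}

# Demo: one domain on a dedicated IP, one on a shared IP.
for d in www.d.com www.a.com; do
    sample_map | drop_rule_for_domain "$d" || true
done
```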


