Linux – Block SSH and FTP Access to Specific IP and Network Range in Linux

I’m not sure why but someone in China must think my Linux server contains massive secrets and sometimes even when using fail2ban it seems to be bogged down by attempts to login as root to my SSH by brute force attack which leaves me scratching my head as to if anyone really allows root access to SSH.

Anyhow, the goal is to just reject these jokers at a transport level on the firewall.

The article on how to do this is here.

The relevant commands are:

firewall-cmd --direct --add-rule ipv4 filter INPUT 1 -m tcp --source -p tcp --dport 22 -j REJECT
firewall-cmd --reload

Comments are closed.