VPS memberikan layanan seperti web service , database server , dan masih banyak lagi dapat diakses dari dalam ataupun luar negeri. Layanan tersebut bisa saja hanya diakses oleh pengguna dari dalam negeri, untuk alasan keamanan pengelola server memblokir akses internet dari luar negeri agar server tidak dapat diakses dan mengurangi resiko peretasan dari luar negeri.

Berikut kami berikan panduan agar server Anda hanya dapat diakses dari Indonesia.

vi allow-indonesia.sh

#!/bin/sh
#Allow specific countries from hitting your server (CentOS)
#Install ipset if you dont have it
yum install ipset -y
#Country to allow
#indonesia
#Create the initial rules in ipset based on hast:net
for a in indonesia; do ipset -N $a hash:net; done
#Download the necessary files from ipdeny
wget -P . http://www.ipdeny.com/ipblocks/data/countries/id.zone
#Add each IP address from the downloaded list into the ipset you’ve created
for a in $(cat /root/id.zone ); do ipset -A indonesia $a; done
#Backup the iptables
/sbin/iptables-save > /root/iptables.$(date ‘+%Y%m%d’)
#Add the following loop statement into your iptables to allow the countries you want
for a in indonesia; do iptables -I INPUT -p tcp -m set –match-set $a src -j ACCEPT; done
for a in indonesia; do iptables -I INPUT -p udp -m set –match-set $a src -j ACCEPT; done
for a in indonesia; do iptables -I INPUT -p icmp -m set –match-set $a src -j ACCEPT; done
#drop all except indo
iptables -A INPUT -i eth1 -j DROP
#Save the current configuration for iptables
service iptables save
#remove zone
rm -rf /root/*.zone*
vi update-allow-indonesia.sh
#!/bin/sh
#allow specific countries from hitting your server (CentOS)
#Create the initial rules in ipset based on hast:net
for a in indonesia; do ipset -N $a hash:net; done
#Download the necessary files from ipdeny
wget -P . http://www.ipdeny.com/ipblocks/data/countries/id.zone
#Add each IP address from the downloaded list into the ipset you’ve created
for a in $(cat /root/id.zone ); do ipset -A indonesia $a; done
#remove zone
rm -rf /root/*.zone*
chmod +x allow-indonesia.sh
cd /root/
./allow-indonesia.sh
chmod +x update-allow-indonesia.sh
echo “@monthly /root/update-allow-indonesia.sh” >> /var/spool/cron/root
Panduan tersebut dapat dijalankan menggunakan Sistem Operasi Centos Linux. Panduan Membuka Blokir Akses Internasional VPS
Note : eth1 adalah interface ip public, apabila Anda menggunakan server selain Cloudmatika silahkan disesuaikan
in LinuxVirtual Private Server Tags: Cloud VPSCloud VPS IndonesiaLinuxVPS

Copyright © 2019 Cloudmatika. A Division of PT. Awan Solusi Informatika. All rights reserved.

MEMBER OF
Top