Difference between revisions of "Blocked IPs"

From Kolmisoft Wiki
Jump to navigationJump to search
 
(17 intermediate revisions by 10 users not shown)
Line 1: Line 1:
Go to '''ADDONS -> Monitorings -> Blocked IPs''' to see all blocked IPs with blocking reasons. Blocking reasons give a hint what needs to be fixed.
'''Blocked IPs''' can be used from '''Admin''' account and from '''Accountant''' account with Monitoring permissions enabled. From Admin account, go to '''Security -> Blocked IPs''' to manage blocked IPs. An IP can be blocked by entering valid input values and by clicking the '''Block''' icon. The to-be-blocked IP '''must not''' be local or a current server IP. By clicking on the '''Unblock''' icon an IP is unblocked. All the blocking/unblocking changes will be active in '''one minute after they have been applied.''' Country information (flag) can take up to one hour to appear.
<br><br>
<br><br>
[[File:blocked_ips.png]]
[[File:Mor blocked ips list.png]]
<br><br>
<br><br>
When IP is blocked manually reason says: MOR-BLOCKED-IP-FROM-GUI. When IP is blocked automatically by MOR reason says: fail2ban-AST_CLI_Attack. Below you see example how it looks in GUI:
<br><br>
[[File:Blocekd_IPs_example.png]]
<br><br>
Explanation of the values given in the '''Reason''' column can be found [[How_to_be_secure_using_MOR#Additional_software_to_increase_MOR_system_security|here]]. Reason "INPUT" means that IP was blocked manually by using these instructions: [[How to block someone%27s IP]]
<br><br>
Reasons why IP was not blocked:<br>
IP is incorrect or blank<br>
IP is already blocked for this server<br>
Cannot block server IP<br>
IP address is private<br>
IP address is local<br>
You can search blocked IP. Possible search by a single IP or for the range using wildcard ''%'' like in the example.
<br><br>
[[File:blocked_ips_search_mor.png]]
= Blocked IP format =
It is possible to block IPs in such format:
* Single IP, for example, '''2.2.2.2'''
* Subnet in CIDR notation, for example, '''2.2.2.0/24'''. Please note that CIDR notation will be converted into the canonical format automatically. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
* IP range in format x.x.x-xx, for example '''2.2.2.1-125'''. Please note that all IPs in the range will be blocked as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.
=See Also=
=See Also=


* [[How to block someone's IP]]
* [[How to block someone's IP]]
* [[How to block country IP]]
* [[How to add Fail2ban exception for my IP]]

Latest revision as of 11:09, 15 February 2024

Blocked IPs can be used from Admin account and from Accountant account with Monitoring permissions enabled. From Admin account, go to Security -> Blocked IPs to manage blocked IPs. An IP can be blocked by entering valid input values and by clicking the Block icon. The to-be-blocked IP must not be local or a current server IP. By clicking on the Unblock icon an IP is unblocked. All the blocking/unblocking changes will be active in one minute after they have been applied. Country information (flag) can take up to one hour to appear.

Mor blocked ips list.png

When IP is blocked manually reason says: MOR-BLOCKED-IP-FROM-GUI. When IP is blocked automatically by MOR reason says: fail2ban-AST_CLI_Attack. Below you see example how it looks in GUI:

Blocekd IPs example.png

Explanation of the values given in the Reason column can be found here. Reason "INPUT" means that IP was blocked manually by using these instructions: How to block someone's IP

Reasons why IP was not blocked:

IP is incorrect or blank
IP is already blocked for this server
Cannot block server IP
IP address is private
IP address is local

You can search blocked IP. Possible search by a single IP or for the range using wildcard % like in the example.

Blocked ips search mor.png

Blocked IP format

It is possible to block IPs in such format:

  • Single IP, for example, 2.2.2.2
  • Subnet in CIDR notation, for example, 2.2.2.0/24. Please note that CIDR notation will be converted into the canonical format automatically. For example, if you enter 2.2.2.1/24, it will be converted to 2.2.2.0/24. This is because 2.2.2.0/24 denotes the range 2.2.2.1 - 2.2.2.254, so any subnet from 2.2.2.1/24 to 2.2.2.254/24 means exactly the same range, and a canonical way to represent this is range is with 2.2.2.0/24
  • IP range in format x.x.x-xx, for example 2.2.2.1-125. Please note that all IPs in the range will be blocked as separate IPs, so entering 2.2.2.1-125 would create 125 single IP entries. For this reason, we strongly recommend using subnets if possible.

See Also