linux中如何禁止指定的ip访问呢?
比如被别人暴力破解,被别人使用不同的密码尝试登录
前段时间,我在阿里云的主机就收到了攻击,并且被安装了后门:
所以我想直接禁用这些ip的访问.怎么办呢?
解决方案:修改配置文件/etc/hosts.deny
把要禁止ssh访问的ip都放在/etc/hosts.deny 中:
配置文件中有ip 117.136.38.47.
那么当这个ip尝试ssh登录时,就会:
直接就拒绝登录了,都不会校验用户名和密码.
配置文件/etc/hosts.deny 内容:
# # hosts.deny This file contains access rules which are used to # deny connections to network services that either use # the tcp_wrappers library or that have been # started through a tcp_wrappers-enabled xinetd. # # The rules in this file can also be set up in # /etc/hosts.allow with a 'deny' option instead. # # See 'man 5 hosts_options' and 'man 5 hosts_access' # for information on rule syntax. # See 'man tcpd' for information on tcp_wrappers # sshd:121.42.0.15 sshd:121.42.0.17 sshd:121.42.0.19 sshd:121.42.0.30 sshd:121.42.0.31 sshd:121.42.0.36 sshd:121.15.151.181
使用# 可以注释
也支持ip 局部匹配:
