I am running a VPS with WHM/cPanel and would like to restrict access on ports 2083, 2087, 2096 and FTP, SSH to only my location. Basically I want for every visitor that tries to access those ports to have their IP tracerouted to their city, and if it is not the same as my city then they should not have access. This would really reduce the probability of getting hacked and such. Is there such a way to implement an IP security system like this? Furthermore, since I know the range of IPs that my ISP uses (from http://www.maxmind.com/app/geolitecity), how would I set that those key ports can only be accessed by someone from my IP range? Thanks in advance.
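I've made a simple bash script which restricts access to the ports.

```bash
#!/bin/bash
ALLOWED_IP="11.11.11.0/24"            # replace with IP addresses of your ISP
ETH0="eth0"                           # replace with your eth
BLOCK_PORTS='2083 2087 2096 21 22'    # ports

# Accept traffic to the listed ports from the allowed range.
# No --syn match here: with it, only the first packet of a connection is
# accepted and the DROP rules below discard the rest of the session.
for i in $BLOCK_PORTS; do
    iptables -A INPUT -p tcp -s "${ALLOWED_IP}" -i "${ETH0}" --dport "${i}" -j ACCEPT
done

# Drop everything else addressed to those ports.
for i in $BLOCK_PORTS; do
    iptables -A INPUT -p tcp -i "${ETH0}" --dport "${i}" -j DROP
done
```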
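The script above takes a single CIDR. For the case where the ISP uses more than one range, here is an added example (not part of the original posts) that validates every range and port first and then prints the iptables commands for review instead of applying them. The ranges are constructed documentation addresses, and `valid_cidr` and `gen_rules` are hypothetical helper names.

```sh
#!/bin/sh
# Added example: generate (do not apply) per-port allow/drop rules for
# several source ranges. Review the output, then pipe it to sh as root.

ALLOWED_RANGES="192.0.2.0/24 198.51.100.0/24"   # constructed sample ranges
IFACE="eth0"
PORTS="2083 2087 2096 21 22"

# Succeed only for a well-formed IPv4 address or CIDR (a.b.c.d or a.b.c.d/n).
valid_cidr() {
    case $1 in
        */*) ip=${1%/*}; prefix=${1#*/} ;;
        *)   ip=$1; prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $ip in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ip; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the rule set. Nothing is printed if any input is malformed, so a
# typo can never yield a rule set that contains only the DROP lines.
gen_rules() {
    ranges=$1; iface=$2; ports=$3
    for r in $ranges; do
        valid_cidr "$r" || { echo "bad range: $r" >&2; return 1; }
    done
    for p in $ports; do
        case $p in ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;; esac
    done
    for p in $ports; do
        # ACCEPT lines for a port must precede that port's DROP line.
        for r in $ranges; do
            echo "iptables -A INPUT -i $iface -p tcp -s $r --dport $p -j ACCEPT"
        done
        echo "iptables -A INPUT -i $iface -p tcp --dport $p -j DROP"
    done
}

gen_rules "$ALLOWED_RANGES" "$IFACE" "$PORTS"
```

Keep an existing SSH session open while applying the output, so that a wrong range does not lock you out of the server.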