Run the following commands as root on the cPanel server.
Block:
whmapi1 suspend_outgoing_email user=USERNAME
Unblock:
whmapi1 unsuspend_outgoing_email user=USERNAME
Create “/etc/trackers” with a list of trackers which you want to be blocked.
My current file contains:
9.rarbg.com announce.torrentsmd.com bigfoot1942.sektori.org bt.careland.com.cn bttrack.9you.com bttracker.crunchbanglinux.org coppersurfer.tk explodie.org i.bandito.org mgtracker.org open.demonii.com opensharing.org torrent.fedoraproject.org torrent.gresille.org tracker.best-torrents.net tracker.blucds.com tracker.btzoo.eu tracker.coppersurfer.tk tracker.dler.org tracker.istole.it tracker.leechers-paradise.org tracker.nwps.ws tracker.openbittorrent.com tracker.publicbt.com tracker.tfile.me tracker1.wasabii.com.tw
The list may contain duplicates; the script removes them.
Now create “/usr/bin/blocktrackers” script:
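    #!/bin/bash
    # Read /etc/trackers (one host per line), drop duplicates and refresh
    # the DROP rules for every tracker.
    IFS=$'\n'
    L=$(/usr/bin/sort /etc/trackers | /usr/bin/uniq)
    for fn in $L; do
        # Delete the rule left by a previous run so it is not added twice;
        # the error printed when no such rule exists yet is discarded.
        /sbin/iptables -D INPUT -d "$fn" -j DROP -m comment --comment "Tracker" 2>/dev/null
        /sbin/iptables -D FORWARD -d "$fn" -j DROP -m comment --comment "Tracker" 2>/dev/null
        /sbin/iptables -D OUTPUT -d "$fn" -j DROP -m comment --comment "Tracker" 2>/dev/null
        # iptables resolves the host name at the moment the rule is added.
        /sbin/iptables -A INPUT -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -A FORWARD -d "$fn" -j DROP -m comment --comment "Tracker"
        /sbin/iptables -A OUTPUT -d "$fn" -j DROP -m comment --comment "Tracker"
    done
Make it executable and create a cronjob to run it daily, because trackers change IP addresses very often.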
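An added example, not the original script: because iptables resolves a host name only when a rule is added, the daily delete-then-add run removes rules for the addresses a tracker has today and leaves rules for its earlier addresses behind. This variant keeps every tracker rule in one dedicated chain that is flushed and rebuilt on each run, and rejects list entries that are not host names. The chain name TRACKERS, the IPT and LIST variables, the --apply switch and the helper function names are assumptions made for the example.

```sh
#!/bin/sh
# Added example, not the original script. All tracker rules live in one
# dedicated chain (TRACKERS, an assumed name) that is flushed and rebuilt on
# each run, so addresses a tracker no longer uses do not accumulate.
IPT=${IPT:-/sbin/iptables}      # override with a stub for a dry run
LIST=${LIST:-/etc/trackers}

resolve_host() {
    # Current IPv4 addresses of a host name, one per line (glibc getent).
    getent ahostsv4 "$1" | awk '{print $1}' | sort -u
}

valid_host() {
    # Plain DNS names or IPv4 literals only: a line such as "-j ACCEPT"
    # must never reach iptables as an argument.
    case $1 in
        ''|-*|.*|*[!A-Za-z0-9.-]*) return 1 ;;
    esac
    return 0
}

sync_trackers() {
    "$IPT" -N TRACKERS 2>/dev/null || true   # chain may already exist
    "$IPT" -F TRACKERS
    sort -u "$LIST" | while IFS= read -r host; do
        if ! valid_host "$host"; then
            echo "skipping invalid entry: $host" >&2
            continue
        fi
        resolve_host "$host" | while IFS= read -r ip; do
            "$IPT" -A TRACKERS -d "$ip" -m comment --comment "Tracker $host" -j DROP
        done
    done
}

install_jumps() {
    # Hook the chain into OUTPUT and FORWARD once; -C tests for the rule.
    for chain in OUTPUT FORWARD; do
        "$IPT" -C "$chain" -j TRACKERS 2>/dev/null ||
            "$IPT" -A "$chain" -j TRACKERS
    done
}

# Apply only when asked to, e.g. from cron: blocktrackers --apply
if [ "${1:-}" = "--apply" ]; then
    sync_trackers && install_jumps
fi
```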
If you have a compromised cPanel account that spammers are using to send out spam, you can use the following trick to temporarily stop the account from sending any email until you can fix the issue.
Edit “/etc/cpanel_exim_system_filter” and add the following filter rule to the end of it.
Change USERNAME to the compromised cPanel account.
    if ( $received_protocol is "local" or $received_protocol is "esmtpa" )
       and ( $h_Received contains "USERNAME" )
    then
      seen finish
    endif
If you want to make the change permanent, you have to create a file in “/usr/local/cpanel/etc/exim/sysfilter/options” and put the above rule in it.
The following script will block and log un-encrypted BitTorrent & DHT traffic on your Linux firewall.
I have personally tested it on Debian 5 lenny, but I am almost sure it should work pretty well on any new Linux distros.
    iptables -N LOGDROP > /dev/null 2> /dev/null
    iptables -F LOGDROP
    iptables -A LOGDROP -j LOG --log-prefix "LOGDROP "
    iptables -A LOGDROP -j DROP

    # Torrent
    iptables -A FORWARD -m string --algo bm --string "BitTorrent" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "BitTorrent protocol" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "peer_id=" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string ".torrent" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "announce.php?passkey=" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "torrent" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "announce" -j LOGDROP
    iptables -A FORWARD -m string --algo bm --string "info_hash" -j LOGDROP

    # DHT keyword
    iptables -A FORWARD -m string --string "get_peers" --algo bm -j LOGDROP
    iptables -A FORWARD -m string --string "announce_peer" --algo bm -j LOGDROP
    iptables -A FORWARD -m string --string "find_node" --algo bm -j LOGDROP
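An added example, not part of the original post: the string rules match anywhere in any forwarded packet, so it is worth checking what else they drop before deploying them. The script replays the rules in their original order against constructed payloads and lists the rules that can never fire because an earlier rule already matches. The function names and the sample requests are made up for the example.

```sh
#!/bin/sh
# Added example, not part of the original post. Replays the FORWARD string
# rules in their original order against constructed payloads. As with
# "-m string --algo bm", a rule matches when its string occurs anywhere in
# the payload, case-sensitively.
RULES='BitTorrent
BitTorrent protocol
peer_id=
.torrent
announce.php?passkey=
torrent
announce
info_hash
get_peers
announce_peer
find_node'

first_match() {
    # $1 = payload, $2 = rule list (default: RULES). Prints the first rule
    # string found in the payload; returns 1 when nothing matches.
    m=$(printf '%s\n' "${2-$RULES}" | while IFS= read -r pat; do
            [ -n "$pat" ] || continue
            case $1 in (*"$pat"*) printf '%s\n' "$pat"; break ;; esac
        done)
    [ -n "$m" ] && printf '%s\n' "$m"
}

shadowed_rules() {
    # Rules that can never fire: an earlier rule's string is contained in
    # theirs, so the earlier rule always matches and drops the packet first.
    seen=''
    printf '%s\n' "$RULES" | while IFS= read -r pat; do
        if by=$(first_match "$pat" "$seen"); then
            printf '%s <- %s\n' "$pat" "$by"
        fi
        seen="$seen$pat
"
    done
}

# Constructed payloads: a tracker announce and two ordinary web requests.
for p in 'GET /announce?info_hash=abc&peer_id=-XX0001-abc HTTP/1.1' \
         'GET /news/product-announcement.html HTTP/1.1' \
         'GET /docs/bittorrent-faq.html HTTP/1.1'; do
    printf '%s -> dropped by "%s"\n' "$p" "$(first_match "$p")"
done
shadowed_rules
```

The two ordinary web requests are dropped by the bare "announce" and "torrent" rules, which is the false-positive cost of the short keywords.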
mod_evasive is a module for Apache (both 1.3 and 2.0) giving Apache the ability to detect and fend off request-based DoS/DDoS attacks and brute-force attacks conserving your system resources and bandwidth. This tool can be configured to report abusers and even talk to network gear (such as a firewall or ipchains).
In this article we explain how to install mod_evasive on Apache 2:
    wget http://www.zdziarski.com/blog/wp-content/uploads/2010/02/mod_evasive_1.10.1.tar.gz
    tar zxvf mod_evasive_1.10.1.tar.gz
    cd mod_evasive
    /usr/local/apache/bin/apxs -cia mod_evasive20.c
The next step is to add the required configuration to the Apache config file. We could add it directly to the end of httpd.conf, but httpd.conf will be overwritten by easyapache, so we will use include files to add our config.
Log in to your WHM panel and follow these menu items:
Main >> Service Configuration >> Apache Configuration >> Include Editor
In the Pre Main Include section, choose All Versions from the drop-down menu and add the following config:
    <IfModule mod_evasive20.c>
        DOSHashTableSize 3097
        DOSPageCount 5
        DOSSiteCount 50
        DOSPageInterval 1
        DOSSiteInterval 1
        DOSBlockingPeriod 600
    </IfModule>
Then click Update and restart the Apache server.
If you have a file in your web directory which you want to keep secure, you can block access to it with the following lines in your .htaccess file:
    <Files FILENAME>
        deny from all
    </Files>