There are some methods to block an IP address, the one I use is
road. But all IP addresses are lost when I restart the operating system. I found ways to permanently block, which did not work and the operating system did not even boot up. I therefore need to create a
.sh with the list of IP addresses and run this script at startup of the operating system.
I am not sure of this method, because the list of IP addresses is (would be) very long, I block 75 addresses per day, they are all robots.
This list will increase soon. What would be the best way to permanently block an IP address on ubuntu at edge? Note: the version of my kernel is 2.9, so I can not use tools like fail2ban, csf.
What I am doing right now is:
I'm using ModSecurity and when a specification rule fires, I run this code:
ip route add a hole xxx.xx.xx.xx echo xxx.xx.xx.xx >> list_of_ip.txt
I also use the cloudflare API to block IP addresses because when they access my VPS using the host name, I need to block it on cloudflare, otherwise it will not be blocked.