Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

IP Blocking System wide?

Featured Replies

Hey Guys,

 

im having an issue where my server is being attacked by ip's from places like korea, uganda, etc. trying to access things like FTP and TELNET. just wondering if there's an implementation of blacklisting IP addresses from attempting to connect. im using proftpd and have an ftp blocklist setup in the conf, but not their trying to access telnet and other ports on the server. i do need remote access to the server, so closing the ports in the router wont fix my issue.

 

thanks all

You will need to secure it at your router level, the device which gives you internet access since there is nothing provided for unRAID. You should immediately close all ports to unRAID and use something like a VPN connection to remotely administer the system.

 

It is also an extremely horribly bad decision to ever make an unRAID system available on the internet since it was never designed with security in mind.  Hopefully LimeTech will place high priority on designing unRAID with security in mind soon.

Hey Guys,

 

im having an issue where my server is being attacked by ip's from places like korea, uganda, etc. trying to access things like FTP and TELNET. just wondering if there's an implementation of blacklisting IP addresses from attempting to connect. im using proftpd and have an ftp blocklist setup in the conf, but not their trying to access telnet and other ports on the server. i do need remote access to the server, so closing the ports in the router wont fix my issue.

 

thanks all

 

Depending on your router, it may be possible to load a geo-based blocklist to block all IPs from Russia, China, etc. I don't have a cheapo home router so I can't speak to those, but it's fairly easy if you're using something nice or something software-based like pfSense.

 

When you say "I do need remote access to the server"... what do you mean? For which services? It's fairly straightforward to set up either VPN or reverse proxy access to your services, which will go a long, long ways towards securing things.

  • Author

i need direct access to ftp and ssh/telnet

 

my router is a top shelf belkin, and i cannot load a blocklist into it

i need direct access to ftp and ssh/telnet

 

my router is a top shelf belkin, and i cannot load a blocklist into it

 

Setup a VPN into your network but block the unraid box from the internet incoming connections is the only secure way. To do anything else is playing with fire.

 

Ultimately the call is yours, but dont be surprised when the system is compromised and your data is wiped out and stolen.

  • Author

i use secure passwords for such things where they are on the internet. im not worried about them gaining access, there is only 2 system ports opened, i just find it annoying and would rather see "blocked ip xxx.xx.xx.x attempted login" as apposed to "root login failed for ip xxx.xx.xx.x"

  • Author

just found etc/hosts.deny

 

thanks all

  • Community Expert

just found etc/hosts.deny

 

thanks all

Are you aware that any changes you make in /etc will not survive a reboot?

i use secure passwords for such things where they are on the internet. im not worried about them gaining access, there is only 2 system ports opened, i just find it annoying and would rather see "blocked ip xxx.xx.xx.x attempted login" as apposed to "root login failed for ip xxx.xx.xx.x"

 

You should worry, if a password and a 200 buck low end router were secure no one would ever get breached.

 

Use a VPN or accept 100% responsibility for the risk you are taking.

 

 

  • Author

just found etc/hosts.deny

 

thanks all

Are you aware that any changes you make in /etc will not survive a reboot?

yes, i forgot about that. how would you recommend i go about surviving reboot

 

  • Author

i use secure passwords for such things where they are on the internet. im not worried about them gaining access, there is only 2 system ports opened, i just find it annoying and would rather see "blocked ip xxx.xx.xx.x attempted login" as apposed to "root login failed for ip xxx.xx.xx.x"

 

You should worry, if a password and a 200 buck low end router were secure no one would ever get breached.

 

Use a VPN or accept 100% responsibility for the risk you are taking.

 

almost nobody buys a 200 dollar router when their provider gives them one for free (99% of people have no concept of free = shit)

and i do accept full responsibility, even if i did get breached i would have come here crying

  • Community Expert

just found etc/hosts.deny

 

thanks all

Are you aware that any changes you make in /etc will not survive a reboot?

yes, i forgot about that. how would you recommend i go about surviving reboot

The usual method is to put something in the go script to make the changes on each boot.

If you must do this then use a FTP in a container, patch it often , install fail2ban and rate limit using iptables. I would recommend ssfs or scp with certs over ftp every day of the week.

  • Author

ive gone this route;

 

-disabled stock SSH/TELNET service

-Installed ssh plugin from overbyrn

-Installed DenyHosts from overbyrn

-Installed proftpd plugin

-jailed root on all services

-setup user logins based on unraid users

-setup parameters in denyhosts to instaban root/UNKNOWN/no user use

 

allready got 4 IPs instabanned, seems like bots

sounds pretty secure to me, but il take your guys advice

 

and yes i understand that having ports closed to the world is the ultimate security but thats not what i want

 

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.