block spam and traffic from specific countries like Russia on a Plesk server

To block spam and traffic from specific countries like Russia on a Plesk server, you can use the ModSecurity module in conjunction with a geolocation database. Here are the steps to achieve this:

1. Install the ModSecurity module:
   • Login to your Plesk server as root
   • Run the following command: plesk installer --select-release-current --install-component mod-security
2. Download and install a geolocation database:
   • There are several free and paid geolocation databases available online, such as MaxMind and IP2Location. You can download one of these databases and install it on your server using the instructions provided by the vendor.
3. Configure ModSecurity to block traffic from specific countries:
   • Create a new file named modsecurity_custom.conf in the directory /etc/httpd/conf.d/
   • Add the following lines to the file:

     # Block traffic from Russia
     SecGeoLookupDb /path/to/geolocation/database
     SecRule REMOTE_ADDR "@geoLookup" "chain,id:1000,drop,status:403,msg:'Access denied - IP address from Russia'"
     SecRule GEO:COUNTRY_CODE "^RU$

4. Replace /path/to/geolocation/database with the path to your downloaded geolocation database file.
5. Restart the Apache web server:
   • Run the following command: systemctl restart httpd
6. After completing these steps, ModSecurity should start blocking traffic from Russia on your Plesk server. You can add additional rules to block traffic from other countries as needed by adding more SecRule directives to the modsecurity_custom.conf file