How to Block an IP Address on Ubuntu 18.04 LTS with UFW. Are you dealing with a bot, spammer or hacker hitting your website. You could block those toxic IP address and protect your server from attacks.
In this guide you are going to learn how to block an IP address which is constantly hitting your site with UFW (Uncomplicated Fire Wall) on Google Cloud Platform. You can also use this method on any Linux server.
This method could block a service or a user if used incorrectly.
This setup is tested on Google Cloud Platform, so this guide can be used on any other cloud hosting services or VPS or Dedicated server running Ubuntu.
- A running Compute Engine, see the Setting up Compute Engine Instance.
- For installing Nginx and PHP, see how to install LEMP in Compute Engine Instance.
- Get your list of toxic IP addresses.
How to Block an IP Address
If you have followed the above steps to setup your server, you will have UFW installed and enabled on your server. If you haven’t installed UFW on your server you can follow the below steps to install UFW and enable it.
sudo apt install ufw
sudo ufw allow ssh
sudo ufw allow http
sudo ufw allow https
Now you have added the rules to allow connections to your server from only these ports
80 (HTTP) and
Now enable Firewall on system startup
sudo ufw enable
Add UFW rule
If you need to block an IP Address from accessing your website, you need to add the rule with priority. The rule should be added before the
https rules. Enter the following command to block a toxic IP.
sudo ufw insert 1 deny from 192.0.0.1 to any
Now you can view the status of the added rules with numbers with the following command.
sudo ufw status numbered
Delete UFW rule
You can delete a rule by the rule number.
sudo ufw delete 1
Disable and Reset UFW
To disable UFW completely run the following command. If you disable this your added rules will be not be active unless activated again.
sudo ufw disable
If you want to clear all rules and want to start over you can use the reset command to reset UFW.
sudo ufw reset
Now your Firewall is configured to block toxic IP Addresses that try to spam or hack your website