How to Block an IP address on a Linux server

NOTE: The actual contents and opinions are the sole views of the author who maintains editorial independence.
If you’re running a website, or even if you’re a webmaster, you will definitely come across users that are annoying to the core.They may spam comments, or are just a nuisance for other users on your website. Another, more alarming reason for constant requests by a specific IP address is the security threat of a brute force attack on your website. In either case, you’ll just want to get rid of them pronto!

What these users are doing is they’re sending too many requests, and the best way to deal with them is to block their IP address. To do this is fairly easy if you’re using a Linux OS. You’ll have to use iptables to access IP Addresses on Linux.

Follow this article for all the commands to access IP addresses on your website and block them.

Note: You’ll have to log in on your web server with a secure connection that grants you ‘root’ access.

How to block an IP address using ‘iptables’ Tool

In order to block a specific IP Address, you’ll need to use the iptables tool or the netfilter firewall. First log-in to your server or shell as a root user.

Read: How to analyze Linux systemd logs using journalctl advanced filtering options

1. For using the iptables tool type the following commands in your shell

# iptables -A INPUT -s IP-ADDRESS -j DROP

2. Instead of the “IP-ADDRESS” write the exact IP address. For example if the IP address you want to block is 201.168.545.2, you’ll edit your command as

# iptables -A INPUT -s 201.168.545.2 -j DROP

3. To save the command run the following command

sudo service iptables save

4. In order to verity the rule type the command

sudo iptables -L

Read: Configuring static and dynamic IP Addresses in Ubuntu using Netplan 

How to block an IP address using the ‘firewalld’ Tool

If you have Red Hat Enterprise Linux 7, CentOS 7, or Fedora 18, you’ll have the firewalld tool available. In order to use the firewalld tool to block IP addresses follow the steps below.

1. First make sure that firewalld is enabled on your system by using the following command

sudo systemctl status firewalld

In case the firewalld is not running you’ll have to use the iptables tool as mentioned before.

2. In order to block the IP address, use the following command

Sudo firewall-cmd –permanent –add-rich-rule=”rule family=’ipv4’ source address=’xxx.xxx.xxx.xxx.’ reject”

3. Use the following command to reload rules

sudo firewall-cmd – reload

4. And finally, use the following command to verify the rules

sudo firewall-cmd – – list-all

How to block and IP address using the Uncomplicated Firewall or UFW

If you’re using Ubuntu OS 8.04, you’ll have the UFW tool. Follow the commands below to block an IP address.

1. Use the following command to see if Uncomplicated Firewall is running on your system

sudo systemctl status ufw

2. Use the following command to block IP address

sudo ufw deny from xxx.xxx.xxx.xxx to any

3. In order to verify the rule use the following command

sudo ufw status

Conclusion

Use the above-mentioned commands to block any irritating IP address that might be pestering you!

 


If you like the content, we would appreciate your support by buying us a coffee. Thank you so much for your visit and support.

 

Leave a Reply