How to block an IP Address on a Linux Server

Introduction

To block an IP address using iptables, run the commands below that match your situation.

  • To block an IP address from accessing your server, run the following command:
iptables -A INPUT -s IP-ADDRESS -j DROP

Example:

iptables -A INPUT -s 10.10.10.10 -j DROP
service iptables save
service iptables reload

These commands block network connections originating from the IP address 10.10.10.10.

  • To block access to a single port (here port 25) from the IP 10.10.10.10:
iptables -A INPUT -s 10.10.10.10 -p tcp --destination-port 25 -j DROP
service iptables save
service iptables reload

  • To allow incoming SSH connections only from the IP 11.11.11.11 and block all other IPs. The ACCEPT rule must be added before the DROP rule, because iptables applies the first rule that matches:
iptables -A INPUT -p tcp --dport 22 -s 11.11.11.11 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP
service iptables save
service iptables reload
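
The block rules above, wrapped in a helper that validates the address, refuses to block the IP of the current SSH session, and skips rules that already exist. This is an added example, not part of the original article; the function names and the DRY_RUN variable are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article). Function names and the
# DRY_RUN switch are assumptions made for this sketch.

valid_ipv4() {
    # Only digits and dots, no empty fields.
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                     # split the address into octets
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        # No leading zeros, at most three digits.
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

rule_spec() {   # $1 = source IP, $2 = optional TCP port
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 1; }
    # sshd sets SSH_CLIENT to "client_ip client_port server_port".
    ssh_ip=${SSH_CLIENT:-}; ssh_ip=${ssh_ip%% *}
    if [ "$1" = "$ssh_ip" ]; then
        echo "refusing to block the address of this SSH session: $1" >&2
        return 1
    fi
    if [ -z "${2:-}" ]; then
        echo "INPUT -s $1 -j DROP"
        return 0
    fi
    case "$2" in *[!0-9]*|0*|??????*) echo "invalid port: $2" >&2; return 1 ;; esac
    [ "$2" -le 65535 ] || { echo "invalid port: $2" >&2; return 1; }
    echo "INPUT -s $1 -p tcp --destination-port $2 -j DROP"
}

block_ip() {
    spec=$(rule_spec "$@") || return 1
    if [ -n "${DRY_RUN:-}" ]; then
        echo "iptables -A $spec"      # show the command, change nothing
        return 0
    fi
    # -C exits 0 if an identical rule exists, so reruns do not stack duplicates.
    iptables -C $spec 2>/dev/null || iptables -A $spec
}
```

Run `DRY_RUN=1 block_ip 10.10.10.10 25` to preview the rule, then run it as root without DRY_RUN and follow with `service iptables save` as shown above.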

You can use the following commands to block an IP address from accessing the server using ConfigServer Security & Firewall (CSF).

If you block an IP using CSF, it is added to the block list in the /etc/csf/csf.deny file.

  • Permanently block an IP address from accessing the server:
csf -d IPaddress
service csf restart

Example - Block the IP address 10.10.10.10 from accessing the server.

csf -d 10.10.10.10

  • Temporarily block an IP address from accessing the server:
csf -td IPaddress ttl

Example - Temporarily block the IP address 10.10.10.10 (1 hour) from accessing the server.

csf -td 10.10.10.10

Temporarily block the IP address 10.10.10.10 (2 hours) from accessing the server:

root@web22 [~]# csf -td 10.10.10.10 7200
DROP  all opt -- in !lo out *  10.10.10.10  -> 0.0.0.0/0
csf: 10.10.10.10 blocked on port * for 7200 seconds inbound

Important CSF Commands

csf -s - Start the firewall rules
csf -f - Flush/Stop firewall rules
csf -r - Restart the firewall rules
csf -e - Enable the firewall rules
csf -x - Disable the firewall rules
csf -a IPaddress - Allow an IP address in server firewall
csf -td IPaddress ttl - Temporarily block an IP (default: 1 hour)
csf -tr IPaddress - Remove an IP from the temporary IP ban or allow list.
csf -d IPaddress - Deny an IP.
csf -dr IPaddress - Remove an IP from the firewall blocklist.