Have you found an IP address trying to “crack” or “hack” into your computer, website, or server? This article will show you how to easily permanently ban an IP address in Linux with the program called ufw.
Ubuntu and its derivatives should come with ufw by default. In other os’es like Debian, you can install ufw with
sudo apt-get install ufw, or just search the package manager for your distro and look for ufw. UFW stands for “Uncomplicated Firewall”, and it really is very easy to use.
Let’s assume that you checked your log files in
and you found an unwelcome “blackhat hacker’s” computer along with its IP address trying to hack into your site. Well, thankfully there is an easy way to permanently ban an ip address in Linux.
Below is a real example of a part of an nginx log file where someone was trying to hack into one of my sites:
How To Permanently Ban An IP Address In Linux
The form of how to permanently ban an ip address in Linux is below:
sudo ufw deny from persons_ip_address to any
Let’s say the ip address you want to ban is 127.0.0.3
Then the command would be;
sudo ufw deny from 127.0.0.3 to any
All you need to do is to change the ip address that you want to ban.
To check that the ban is in place, you can run the following command
sudo ufw status
You should see output like the following (remember that the ip address will be likely be different based on what you chose.)
Status: active To Action From -- ------ ---- Anywhere DENY 127.0.0.3
How To Remove A Permanent Ban In UFW
If you decide you want to unban an ip address in ufw, it’s easy to do so.
The basic form of removing a permanent ban is like the following:
sudo ufw delete deny from persons_ip_address to any
To unban 127.0.0.3, you would run:
sudo ufw delete deny from 127.0.0.3 to any
And, you can check that the ip address was unbanned with the following command:
sudo ufw status
With the above command’s output, you should have seen that the IP address is no longer permanently banned.
Did you like this article? Do you have anything to add? Let’s discuss it in the comments below.