How to Block IP Addresses on Linux

Block malicious IPs from accessing your server.

Using UFW

ufw deny from 203.0.113.50\nufw deny from 203.0.113.0/24  # Block entire subnet

Using iptables

iptables -A INPUT -s 203.0.113.50 -j DROP\n\n# Block subnet\niptables -A INPUT -s 203.0.113.0/24 -j DROP\n\n# Save\nnetfilter-persistent save

Using firewalld

firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="203.0.113.50" drop'\nfirewall-cmd --reload

Verify

ufw status | grep 203.0.113.50\n# or\niptables -L -n | grep 203.0.113.50