Block IP addresses on Linux box

You got unwanted network traffic I feel bad for you son, I got 99 problems but a DDOS ain’t one.

So, you're noticing your site is getting flooded by a ton of malicious traffic, and the traffic all originates from one IP or a set of IPs (let us say, for example, the bad range was 154.112.x.x). If you are using AWS VPC, you can simply create a deny http policy under the security group for the instance, ‘deny http 154.112.0.0/16’, and you would be set.

However, let's say you were in EC2 Classic, or let's even say you are not using AWS at all. Well, now you have to rely on iptables.

In order to block an IP address or IP range on your box, you need to SSH in, then enter:

    sudo iptables -A INPUT -s 154.112.0.0/16 -j DROP

This will then deny all attempts to reach your website from the IP range 154.112.0.0-154.112.255.255.

You can choose to remove this rule from iptables via this command:

    sudo iptables -D INPUT -s 154.112.0.0/16 -j DROP

Finally, if you want to view the rules of your iptables, simply enter:

    sudo iptables --list
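As an added example (not part of the original post), the script below counts requests per /16 in a web access log and prints the block command from this post for every range at or above a threshold. The log lines are constructed, and the function names and the assumption that the client IP is the first field of each log line are mine; the script only prints commands for review and does not touch the firewall.

```shell
#!/bin/sh
# Constructed sample access log; the client IP is assumed to be field 1.
sample_log() {
cat <<'EOF'
154.112.3.9 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 512
154.112.3.9 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 512
154.112.77.20 - - [10/Oct/2023:13:55:37 +0000] "GET / HTTP/1.1" 200 512
154.112.200.1 - - [10/Oct/2023:13:55:37 +0000] "GET / HTTP/1.1" 200 512
203.0.113.7 - - [10/Oct/2023:13:55:38 +0000] "GET /about HTTP/1.1" 200 900
198.51.100.23 - - [10/Oct/2023:13:55:39 +0000] "GET /blog HTTP/1.1" 200 700
not-an-ip - - [10/Oct/2023:13:55:40 +0000] "GET / HTTP/1.1" 400 0
EOF
}

# Print every /16 with at least THRESHOLD requests, one per line, sorted.
# Lines whose first field is not a valid dotted-quad IPv4 address are skipped.
noisy_ranges() {   # usage: noisy_ranges THRESHOLD < access.log
    awk -v min="$1" '
        $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            split($1, o, ".")
            if (o[1]+0 <= 255 && o[2]+0 <= 255 && o[3]+0 <= 255 && o[4]+0 <= 255)
                hits[o[1] "." o[2] ".0.0/16"]++
        }
        END { for (r in hits) if (hits[r] >= min+0) print r }' | sort
}

# Turn ranges on stdin into block commands. "iptables -C" checks whether the
# rule already exists, so running the output twice does not append duplicates.
# -A appends to the end of INPUT, exactly as in the post.
block_commands() {
    while read -r cidr; do
        printf 'sudo iptables -C INPUT -s %s -j DROP 2>/dev/null || sudo iptables -A INPUT -s %s -j DROP\n' "$cidr" "$cidr"
    done
}

# Demo on the constructed log: only 154.112.0.0/16 reaches 3 requests.
sample_log | noisy_ranges 3 | block_commands
```

On a real box, replace `sample_log` with your own access log and read the printed commands before running any of them.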
