I you’re running a web server, you should have noticed that some IP addresses can be found trying to crack your passwords or issuing different queries trying to find a vulnerability in your scripts. If your main Linux firewall is iptables, there are lots of opportunities to enable/disable access using different conditions. We will close incoming connections for a given IP in this post.
You need to be logged in as root in order to issue this command. I’d suggest you to check the command or to create it in your text editor to copy and paste it to your command line. Let’s take we need to close access to the IP address 192.168.0.56. All you need is just to run the command below.
iptables -A INPUT -d 192.168.0.56 -j DROP
Your server will drop all incoming packets from this IP. You can add as many IPs as you like or add IP subnets – it’s your choice. Just don’t add your own IP to test. I pormise you it works without such a test :)