Block Countries using UFW or Fail2Ban? Or Block IP if login failed & outside exempt countries?

Hi I am using the WordPress One-Click Install and the WPf2b dashboard shows IPs that aren’t the target audience (United Kingdom). These IPs are from Singapore, India, Thailand and USA -

Date/Time	Priority	Message
2022-09-24 18:39:46 Z	Notice	Authentication attempt for unknown user admin from
2022-09-24 18:31:38 Z	Notice	Authentication attempt for unknown user admin from
2022-09-24 18:20:25 Z	Notice	Authentication attempt for unknown user admin from
2022-09-24 18:14:56 Z	Notice	Authentication attempt for unknown user admin from
2022-09-24 18:06:39 Z	Notice	Authentication attempt for unknown user admin from

Ideally is it possible the DigitalOcean Fail2Ban filters [wordpress-soft] & [wordpress-hard] permanently ban IPs that are not in the United Kingdom? Please can someone advise how to implement?

Or would it be best to block all these countries to save resources? And potentially stop the website being hacked? If yes, how? Should this be done using UFW or Fail2ban?

My concern with a blanket country ban is it might have negative SEO effects and block a genuine customer.

It’s irritating seeing so many bots trying to hack the website. Wouldn’t it just be best to blanket ban the country they are coming from?

My setup is Ubuntu 22.04.1 LTS Apache 2.4.

Any advice is much appreciated.

Thank you

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Site Moderator
Site Moderator badge
November 19, 2022

Hello there,

The WordPress image that we provide for the 1-click marketplace application includes Fail2ban installed from the default distribution repositories as well as the WordPress Fail2ban plugin that provides integration with WordPress’ authentication system.

These are shipped in the default configuration provided by the WordPress plugin. This configuration should be plenty adequate for most droplets running WordPress but can be further modified and the configuration changed if needed or if you are running additional services that aren’t included in the default configuration.

On another note, you can use CSF to block IPs.

CSF is extremely easy to use and configure.

To block an IP address or range just use:

  1. csf -d IPaddress

We also have a tutorial which you can check here:


Site Moderator
Site Moderator badge
September 26, 2022

Hello, @twc8ac35a8636

You can do this using CSF (ConfigServer Firewall) as well. In order to block a country, you can use the CC_DENY option which accepts two-letter country codes such as the US, GB and etc.

In order to list more than one country you just need to separate them using commas:


You may find a list of ISO 3166-1 alpha-2 code at

If you’re not familiar with CSF or you want to install it on CentOS or Ubuntu droplet check out this mini tutorial:

For CentOS:

and for Ubuntu:

Hope this helps!


I’ve personally done this in the past by using CSF rather than UFW. There is an option in the CSF config that allows you to block specific countries by adding the country code in the CCDENY list in CSF.

Another method would be to use CloudFlare and block the traffic through there. The good thing of doing this is that the traffic would be filtered even before it reaches your server.

Generally speaking, blocking a country would not really prevent a hacker from accessing your website, as they could use a VPN or a proxy server. It is best to keep your website up to date with all of the latest security patches. I would recommend following the steps from this tutorial here on how to secure your WordPress website:

Hope that this helps!



Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up