Question
Completely block IP from accessing server and postgresql
- Posted on April 5, 2022
- FirewallPostgreSQL
Asked by CuteGreenBlueMantaRay
Hi,
OS - UBUNTU 20.04
Problem:
Recently our server and database (postgresql) being attacked by specific IP (45.155.204.146). The IP keep on trying to connect to our database and we believe subsequently cause our postgresql service to shutdown.
Postgresql log example:
2022-04-03 09:51:31.239 UTC [366035] pgsql@postgres FATAL: no pg_hba.conf entry for host "45.155.204.146", user "pgsql", database "postgres", SSL off
2022-04-03 09:52:59.562 UTC [366104] postgres@postgres FATAL: no pg_hba.conf entry for host "45.155.204.146", user "postgres", database "postgres", SSL off
2022-04-03 09:53:37.846 UTC [366149] postgres@postgres FATAL: no pg_hba.conf entry for host "45.155.204.146", user "postgres", database "postgres", SSL off
2022-04-03 09:54:04.698 UTC [285005] LOG: received smart shutdown request
What have we done to prevent:
- Use ufw to allow only specific IP (our app server) to access port 5432/tcp
- Use ufw to specifically block that IP 45.155.204.146
We appreciate any suggestion and idea before we proceed with whole server redo.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Hi @CuteGreenBlueMantaRay,
Usually, in such cases, it’s always best to just block the IP using your Firewall, that’s the most straightforward solution with the quickest results.
Whether it’s UFW or CSF or just plain IPTables, it doesn’t matter as long as you block it from there.