I followed your tutorial to install Apache/Tomcat 8.5 on Debian. Then I followed your advice to install ufw. However Apache does not show in “ufw app list” and it does not seem to filter IP addresses I added with “ufw deny from” Example: ufw deny from 46.229.0.0/16 /var/log/apache2/access.log … 46.229.168.131 - - [26/Dec/2019:07:41:24 +0100] "GET /myWebApp/servlet/ etc … What have I missed ?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Sign up for Infrastructure as a Newsletter.
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
Hi @ZajaczkowskiMathias,
I’ll most probably guess you have put the rule at the bottom. The order of the firewall rules is important. Since you have allowed port 80 for all( I would only assume) at the beginning, this rule will match for all request and the deny rule that comes later will never be matched.
So, if you need to block something particularly, put it at the beginning and then allow all.
To see your rules with a reference number, use this:
Then remove the deny rule first that you have added:
Then add it again at the top:
Regards, KDSys
Hi KDSys, Thanks a lot for your help. Your guess about the place where I put the rule is right!
My ufw status says: Status: active
[ 1] 22 DENY IN Anywhere [ 2] 50683 ALLOW IN Anywhere [ 3] 80 DENY IN Anywhere [ 4] 443 ALLOW IN Anywhere [ 5] Anywhere DENY IN 216.244.66.195 [ 6] 5432 ALLOW IN Anywhere [ 7] 5555 ALLOW IN Anywhere [ 8] Anywhere DENY IN 91.242.162.70 [ 9] Anywhere DENY IN 157.55.0.0/22 [10] Anywhere DENY IN 216.245.221.82 [11] Anywhere DENY IN 66.249.0.0/22 [12] Anywhere DENY IN 3.233.224.8 [13] Anywhere DENY IN 40.77.0.0/22 [14] Anywhere DENY IN 85.25.177.219 [15] Anywhere DENY IN 46.229.0.0/16 [16] Anywhere DENY IN 157.55.0.0/16 [17] Anywhere DENY IN 66.249.0.0/16 [18] Anywhere DENY IN 40.77.0.0/16 [19] Anywhere DENY IN 207.46.0.0/16 [20] Anywhere DENY IN 17.58.0.0/16 [21] 22 DENY IN Anywhere (v6) [22] 50683 ALLOW IN Anywhere (v6) [23] 80 DENY IN Anywhere (v6) [24] 443 ALLOW IN Anywhere (v6) [25] 5432 ALLOW IN Anywhere (v6) [26] 5555 ALLOW IN Anywhere (v6)
So if I understand you correctly I have to: ufw delete 15 ufw insert 1 deny from 46.229.0.0/16 to any
That’s what I did and now ufw staus says: Status: active
[ 1] Anywhere DENY IN 46.229.0.0/16 [ 2] 22 DENY IN Anywhere [ 3] 50683 ALLOW IN Anywhere [ 4] 80 DENY IN Anywhere [ 5] 443 ALLOW IN Anywhere etc …
Does it look correct ? I’ll check soon my ufw.log and if I see some 46.229.xxx.yyy blocked, I’ll repeat it for my other DENY’s with ufw insert 2(3,4, etc) deny from …
Do I have to do something similar for v6 rules ?
Kind regards.