I followed your tutorial to install Apache/Tomcat 8.5 on Debian. Then I followed your advice to install ufw. However Apache does not show in “ufw app list” and it does not seem to filter IP addresses I added with “ufw deny from” Example: ufw deny from 220.127.116.11/16 /var/log/apache2/access.log … 18.104.22.168 - - [26/Dec/2019:07:41:24 +0100] "GET /myWebApp/servlet/ etc … What have I missed ?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Click below to sign up and get $200 of credit to try our products over 60 days!
I’ll most probably guess you have put the rule at the bottom. The order of the firewall rules is important. Since you have allowed port 80 for all( I would only assume) at the beginning, this rule will match for all request and the deny rule that comes later will never be matched.
So, if you need to block something particularly, put it at the beginning and then allow all.
To see your rules with a reference number, use this:
Then remove the deny rule first that you have added:
Then add it again at the top:
Hi KDSys, Thanks a lot for your help. Your guess about the place where I put the rule is right!
My ufw status says: Status: active
[ 1] 22 DENY IN Anywhere [ 2] 50683 ALLOW IN Anywhere [ 3] 80 DENY IN Anywhere [ 4] 443 ALLOW IN Anywhere [ 5] Anywhere DENY IN 22.214.171.124 [ 6] 5432 ALLOW IN Anywhere [ 7] 5555 ALLOW IN Anywhere [ 8] Anywhere DENY IN 126.96.36.199 [ 9] Anywhere DENY IN 188.8.131.52/22  Anywhere DENY IN 184.108.40.206  Anywhere DENY IN 220.127.116.11/22  Anywhere DENY IN 18.104.22.168  Anywhere DENY IN 22.214.171.124/22  Anywhere DENY IN 126.96.36.199  Anywhere DENY IN 188.8.131.52/16  Anywhere DENY IN 184.108.40.206/16  Anywhere DENY IN 220.127.116.11/16  Anywhere DENY IN 18.104.22.168/16  Anywhere DENY IN 22.214.171.124/16  Anywhere DENY IN 126.96.36.199/16  22 DENY IN Anywhere (v6)  50683 ALLOW IN Anywhere (v6)  80 DENY IN Anywhere (v6)  443 ALLOW IN Anywhere (v6)  5432 ALLOW IN Anywhere (v6)  5555 ALLOW IN Anywhere (v6)
So if I understand you correctly I have to: ufw delete 15 ufw insert 1 deny from 188.8.131.52/16 to any
That’s what I did and now ufw staus says: Status: active
[ 1] Anywhere DENY IN 184.108.40.206/16 [ 2] 22 DENY IN Anywhere [ 3] 50683 ALLOW IN Anywhere [ 4] 80 DENY IN Anywhere [ 5] 443 ALLOW IN Anywhere etc …
Does it look correct ? I’ll check soon my ufw.log and if I see some 46.229.xxx.yyy blocked, I’ll repeat it for my other DENY’s with ufw insert 2(3,4, etc) deny from …
Do I have to do something similar for v6 rules ?