
Thread: UFW doesn't deny IP blocks

  1. #1
    Join Date
    Apr 2024

    UFW doesn't deny IP blocks

    I have a webshop and at the moment it is the target of different spambots that create fake accounts. I can see from the IP addresses that they all come from a small number of well-known abuse IP addresses. I block them in UFW but it seems that they are not blocked, because they continue coming.

    This is my ufw status

    80/tcp ALLOW Anywhere
    443 ALLOW Anywhere
    22/tcp ALLOW Anywhere
    10000 ALLOW Anywhere
    25 ALLOW Anywhere
    Anywhere DENY
    Anywhere DENY
    Anywhere DENY
    Anywhere DENY
    Anywhere DENY
    143,465,587,993/tcp ALLOW Anywhere
    Anywhere DENY

    What am I doing wrong?


  2. #2
    Join Date
    Nov 2007
    London, England

    Re: UFW doesn't deny IP blocks

    iptables and nftables parse the rules in order until they find a match, then do whatever that rule says. I assume that ufw does the same. So the higher rules in the list have higher precedence. In which case, any of those port numbers is allowed, and for those ports the DENY rule is never reached.
    Try putting all the more specific DENY entries above the more general ALLOW entries.
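
As an added example, not part of either post: a shell check that, under the first-match ordering described in the reply, reads `ufw status numbered` output and lists deny-from-address rules that sit behind an earlier ALLOW ... Anywhere rule, together with the `ufw insert 1` command that moves each block to the top. The status text and addresses are constructed (RFC 5737 documentation ranges), and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed `ufw status numbered` output; addresses are RFC 5737
# documentation ranges, not taken from the thread.
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 80/tcp                     ALLOW IN    Anywhere
[ 2] 443                        ALLOW IN    Anywhere
[ 3] 22/tcp                     ALLOW IN    Anywhere
[ 4] Anywhere                   DENY IN     203.0.113.0/24
[ 5] Anywhere                   DENY IN     198.51.100.7
EOF
}

# Read `ufw status numbered` text on stdin and print "NUM SOURCE FIRST_ALLOW"
# for every deny-from-source rule listed after an ALLOW ... Anywhere rule.
# Assumes rules are evaluated top to bottom and the first match wins.
shadowed_denies() {
    # "[ 4] Anywhere DENY IN x" becomes "4 Anywhere DENY IN x"; other lines drop
    sed -n 's/^\[ *\([0-9][0-9]*\)] */\1 /p' |
    awk '
        /\(v6\)/ { next }        # IPv6 rows are skipped in this example
        $3 == "ALLOW" && $5 == "Anywhere" && !first { first = $1 }
        ($3 == "DENY" || $3 == "REJECT") && $2 == "Anywhere" && first {
            print $1, $5, first
        }'
}

# Turn each finding into the command that inserts the block above the ALLOWs.
fix_commands() {
    shadowed_denies | while read -r num src first; do
        echo "ufw insert 1 deny from $src  # was rule $num, behind ALLOW rule $first"
    done
}

sample_status | fix_commands
```

On a live host, pipe `sudo ufw status numbered` into `shadowed_denies` in place of `sample_status`.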

