This guide explains how to allow specific IP addresses through your Linux server’s firewall, a key step in keeping your network secure. By whitelisting IPs, you ensure only trusted traffic can access your system. This simple and practical guide is perfect for anyone looking to enhance their server’s security by controlling access via the internal firewalls.
If your server uses an Ubuntu operating system, Uncomplicated Firewall (UFW) is a user-friendly interface for managing netfilter firewall rules. Its simplicity makes it easy for administrators to secure their servers. Here’s how you can whitelist an IP address with UFW:
You can do this using SSH or the Kamatera management panel console. If you need more help, read our step-by-step guide on connecting to your server.
This entails executing the command ufw enable if it’s not already active.
Do this by running ufw allow from [IP_ADDRESS].
Check ufw status to ensure that your action went through.
IPTables is a robust tool included in most Linux distributions, directly integrated into the Linux kernel. It allows for configuring network packet filtering rules. Follow these steps to whitelist an IP address:
Step 1: Access your server through SSH or the Kamatera console.
Step 2: Insert an IP whitelist rule with the command iptables -I INPUT -s [IP_ADDRESS] -j ACCEPT.
Step 3: Preserve the changes across reboots by saving with sudo iptables-save.
For systems with Firewalld, managing your firewall rules can be straightforward with the right commands. Here’s the process to add an IP to your whitelist:
Step 1: Log into your server via SSH or console connection.
Step 2: Start Firewalld if it’s not running with systemctl start firewalld.
Step 3: Add the IP to the whitelist by executing firewall-cmd –permanent –zone=public –add-source=[IP_ADDRESS].
Step 4: Make the changes effective by reloading Firewalld with firewall-cmd –reload
ConfigServer Security & Firewall (CSF) is a popular security solution for servers. To add an IP to your whitelist in CSF, follow these steps:
Step 1: Log into your server where CSF is installed.
Step 2: Whitelist an IP by running csf -a “ip address” or by adding it to /etc/csf/csf.allow.
Step 3: Restart CSF to apply changes using sudo csf -r.
Have additional questions? Search below: