Rules in UFW not working?

Check the order… I stupidly assumed it would match the last rule, as that’s the most recent rule you’ve added… but nope! It matches the first rule, so if you add a rule to allow incoming connections on port 80, then try to block an IP address that’s spamming you with bad requests, it won’t work unless you add an extra parameter to push the new rule above the others. (I’d not heard of that parameter before, and I’ve read a few posts on setting up / using UFW; it’s right at the end of the list of parameters on the UFW online man page, though.)

It also doesn’t add a rule if you have the same existing rule, even if you’re trying to add it above the existing rule (ie, give it a higher priority).

So, list the existing rules with numbers:

ufw status numbered

Delete any rules you want to move up (eg, rule number 8):

ufw delete 8

Add a rule in a particular place (eg, at the very top of the rules):

ufw insert 1 deny from bad.spammy.ip.address
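
The three steps above can be planned from the numbered listing before anything is changed. The script below is an added example, not part of the original post: it reads `ufw status numbered` text and prints the delete and insert commands needed to get a deny rule for one IPv4 address to position 1. The helper names `sample_status` and `plan_block_first`, the sample listing and the address 203.0.113.45 are constructed for illustration.

```shell
#!/bin/sh
# Added example: work out which commands move a "deny from IP" rule to the top.

# Constructed sample of `ufw status numbered` output (not from a real host).
sample_status() {
cat <<'EOF'
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80/tcp                     ALLOW IN    Anywhere
[ 3] Anywhere                   DENY IN     203.0.113.45
[ 4] 80/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# plan_block_first IP  (hypothetical helper; reads the status text on stdin)
# Prints nothing if the deny rule is already rule 1. Otherwise prints the
# delete for the existing copy (ufw skips a duplicate add) and the insert.
plan_block_first() {
    awk -v ip="$1" '
        /^\[/ {
            # Rule number between the brackets, e.g. "[ 3]" -> 3
            n = $0; sub(/^\[ */, "", n); sub(/\].*/, "", n)
            # Remaining columns (To, Action, From) are separated by 2+ spaces
            rest = $0; sub(/^\[[ 0-9]*\] */, "", rest); sub(/ +$/, "", rest)
            split(rest, f, /  +/)
            if (!pos && f[1] == "Anywhere" && f[2] == "DENY IN" && f[3] == ip)
                pos = n + 0
        }
        END {
            if (pos == 1) exit
            if (pos > 1) print "ufw delete " pos
            print "ufw insert 1 deny from " ip
        }'
}

# Demo on the constructed listing: the deny rule sits below the port 80 allow.
sample_status | plan_block_first 203.0.113.45
```

On a live host, pipe the real listing in instead (`ufw status numbered | plan_block_first <address>`) and review the printed commands before running them as root.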