most efficient way to block an ip address from connecting to a ubuntu 18.04 server [on hold] The 2019 Stack Overflow Developer Survey Results Are In Unicorn Meta Zoo #1: Why another podcast? Announcing the arrival of Valued Associate #679: Cesar Manara Come Celebrate our 10 Year Anniversary!A secure, standard iptables rule-set for a basic HTTP(s) webserverProblems connecting to my FTP server from another serverServer migration: most efficient wayUbuntu Server: Attack on blocked ports leads to Ping timeoutTCPDump and IPTables DROP by stringHow Temporarily block an IP address making too many hits on the Server with iptables?Block direct access to webserver IP via HTTPSCan a static IP be shared?Cisco Routers and ACL with minimal interruptionBlock specific client in Linux iptables

Example of compact Riemannian manifold with only one geodesic.

University's motivation for having tenure-track positions

Is 'stolen' appropriate word?

What is the padding with red substance inside of steak packaging?

What happens to a Warlock's expended Spell Slots when they gain a Level?

Match Roman Numerals

How to politely respond to generic emails requesting a PhD/job in my lab? Without wasting too much time

Windows 10: How to Lock (not sleep) laptop on lid close?

Button changing its text & action. Good or terrible?

Can each chord in a progression create its own key?

Why can't devices on different VLANs, but on the same subnet, communicate?

Make it rain characters

How to read αἱμύλιος or when to aspirate

Why don't hard Brexiteers insist on a hard border to prevent illegal immigration after Brexit?

Are spiders unable to hurt humans, especially very small spiders?

Do working physicists consider Newtonian mechanics to be "falsified"?

Accepted by European university, rejected by all American ones I applied to? Possible reasons?

How do spell lists change if the party levels up without taking a long rest?

how can a perfect fourth interval be considered either consonant or dissonant?

Loose spokes after only a few rides

My body leaves; my core can stay

60's-70's movie: home appliances revolting against the owners

One-dimensional Japanese puzzle

Python - Fishing Simulator



most efficient way to block an ip address from connecting to a ubuntu 18.04 server [on hold]



The 2019 Stack Overflow Developer Survey Results Are In
Unicorn Meta Zoo #1: Why another podcast?
Announcing the arrival of Valued Associate #679: Cesar Manara
Come Celebrate our 10 Year Anniversary!A secure, standard iptables rule-set for a basic HTTP(s) webserverProblems connecting to my FTP server from another serverServer migration: most efficient wayUbuntu Server: Attack on blocked ports leads to Ping timeoutTCPDump and IPTables DROP by stringHow Temporarily block an IP address making too many hits on the Server with iptables?Block direct access to webserver IP via HTTPSCan a static IP be shared?Cisco Routers and ACL with minimal interruptionBlock specific client in Linux iptables



.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;








-2















Since i do not have access to other layers, i would like to know the most efficient way to block an ip address from connecting to a Ubuntu 18.04 server. To the box itself, they are most likely connecting to port 80. However i would like to block access across all ports to this ip address.



I am aware of adding a record in iptables. By most efficient i mean, the least amount of layers the packet goes through. Kind of like blocking using iptables happens before block using an apache config on the webserver itself.



Are there any other better ways?



Thanks






linux ubuntu ip tcp ip-address







share|improve this question







New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











put on hold as off-topic by yoonix, Jenny D, Ward 3 hours ago


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Requests for product, service, or learning material recommendations are off-topic because they attract low quality, opinionated and spam answers, and the answers become obsolete quickly. Instead, describe the business problem you are working on, the research you have done, and the steps taken so far to solve it." – yoonix, Ward
If this question can be reworded to fit the rules in the help center, please edit the question.











  • 1





    route add THEIPADDRESS 127.0.0.1 will mean they never get any packets accepted and therefore cannot connect.

    – Jenny D
    2 days ago

















-2















Since i do not have access to other layers, i would like to know the most efficient way to block an ip address from connecting to a Ubuntu 18.04 server. To the box itself, they are most likely connecting to port 80. However i would like to block access across all ports to this ip address.



I am aware of adding a record in iptables. By most efficient i mean, the least amount of layers the packet goes through. Kind of like blocking using iptables happens before block using an apache config on the webserver itself.



Are there any other better ways?



Thanks






linux ubuntu ip tcp ip-address







share|improve this question







New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











put on hold as off-topic by yoonix, Jenny D, Ward 3 hours ago


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Requests for product, service, or learning material recommendations are off-topic because they attract low quality, opinionated and spam answers, and the answers become obsolete quickly. Instead, describe the business problem you are working on, the research you have done, and the steps taken so far to solve it." – yoonix, Ward
If this question can be reworded to fit the rules in the help center, please edit the question.











  • 1





    route add THEIPADDRESS 127.0.0.1 will mean they never get any packets accepted and therefore cannot connect.

    – Jenny D
    2 days ago













-2












-2








-2








Since i do not have access to other layers, i would like to know the most efficient way to block an ip address from connecting to a Ubuntu 18.04 server. To the box itself, they are most likely connecting to port 80. However i would like to block access across all ports to this ip address.



I am aware of adding a record in iptables. By most efficient i mean, the least amount of layers the packet goes through. Kind of like blocking using iptables happens before block using an apache config on the webserver itself.



Are there any other better ways?



Thanks






linux ubuntu ip tcp ip-address







share|improve this question







New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












Since i do not have access to other layers, i would like to know the most efficient way to block an ip address from connecting to a Ubuntu 18.04 server. To the box itself, they are most likely connecting to port 80. However i would like to block access across all ports to this ip address.



I am aware of adding a record in iptables. By most efficient i mean, the least amount of layers the packet goes through. Kind of like blocking using iptables happens before block using an apache config on the webserver itself.



Are there any other better ways?



Thanks






linux ubuntu ip tcp ip-address




linux ubuntu ip tcp ip-address






share|improve this question







New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question







New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question






New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked Apr 8 at 14:39









user964491user964491

992




992




New contributor




user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






user964491 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




put on hold as off-topic by yoonix, Jenny D, Ward 3 hours ago


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Requests for product, service, or learning material recommendations are off-topic because they attract low quality, opinionated and spam answers, and the answers become obsolete quickly. Instead, describe the business problem you are working on, the research you have done, and the steps taken so far to solve it." – yoonix, Ward
If this question can be reworded to fit the rules in the help center, please edit the question.







put on hold as off-topic by yoonix, Jenny D, Ward 3 hours ago


This question appears to be off-topic. The users who voted to close gave this specific reason:


  • "Requests for product, service, or learning material recommendations are off-topic because they attract low quality, opinionated and spam answers, and the answers become obsolete quickly. Instead, describe the business problem you are working on, the research you have done, and the steps taken so far to solve it." – yoonix, Ward
If this question can be reworded to fit the rules in the help center, please edit the question.







  • 1





    route add THEIPADDRESS 127.0.0.1 will mean they never get any packets accepted and therefore cannot connect.

    – Jenny D
    2 days ago












  • 1





    route add THEIPADDRESS 127.0.0.1 will mean they never get any packets accepted and therefore cannot connect.

    – Jenny D
    2 days ago







1




1





route add THEIPADDRESS 127.0.0.1 will mean they never get any packets accepted and therefore cannot connect.

– Jenny D
2 days ago





route add THEIPADDRESS 127.0.0.1 will mean they never get any packets accepted and therefore cannot connect.

– Jenny D
2 days ago










1 Answer
1






active

oldest

votes


















6














In general, earlier denial means less load and potentially malicious traffic reaches your compute.



A network level firewall prevents packets from reaching the host.



A host level firewall prevents packets from reaching applications.



An application layer access list has not prevented the connection, but may deny servicing the request. If you know you don't want a given address or port, a firewall rule would be more efficient.






share|improve this answer





























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    In general, earlier denial means less load and potentially malicious traffic reaches your compute.



    A network level firewall prevents packets from reaching the host.



    A host level firewall prevents packets from reaching applications.



    An application layer access list has not prevented the connection, but may deny servicing the request. If you know you don't want a given address or port, a firewall rule would be more efficient.






    share|improve this answer



























      6














      In general, earlier denial means less load and potentially malicious traffic reaches your compute.



      A network level firewall prevents packets from reaching the host.



      A host level firewall prevents packets from reaching applications.



      An application layer access list has not prevented the connection, but may deny servicing the request. If you know you don't want a given address or port, a firewall rule would be more efficient.






      share|improve this answer

























        6












        6








        6







        In general, earlier denial means less load and potentially malicious traffic reaches your compute.



        A network level firewall prevents packets from reaching the host.



        A host level firewall prevents packets from reaching applications.



        An application layer access list has not prevented the connection, but may deny servicing the request. If you know you don't want a given address or port, a firewall rule would be more efficient.






        share|improve this answer













        In general, earlier denial means less load and potentially malicious traffic reaches your compute.



        A network level firewall prevents packets from reaching the host.



        A host level firewall prevents packets from reaching applications.



        An application layer access list has not prevented the connection, but may deny servicing the request. If you know you don't want a given address or port, a firewall rule would be more efficient.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Apr 8 at 17:02









        John MahowaldJohn Mahowald

        8,7411713




        8,7411713













            -

            Popular posts from this blog

            Club Baloncesto Breogán Índice Historia | Pavillón | Nome | O Breogán na cultura popular | Xogadores | Adestradores | Presidentes | Palmarés | Historial | Líderes | Notas | Véxase tamén | Menú de navegacióncbbreogan.galCadroGuía oficial da ACB 2009-10, páxina 201Guía oficial ACB 1992, páxina 183. Editorial DB.É de 6.500 espectadores sentados axeitándose á última normativa"Estudiantes Junior, entre as mellores canteiras"o orixinalHemeroteca El Mundo Deportivo, 16 setembro de 1970, páxina 12Historia do BreogánAlfredo Pérez, o último canoneiroHistoria C.B. BreogánHemeroteca de El Mundo DeportivoJimmy Wright, norteamericano do Breogán deixará Lugo por ameazas de morteResultados de Breogán en 1986-87Resultados de Breogán en 1990-91Ficha de Velimir Perasović en acb.comResultados de Breogán en 1994-95Breogán arrasa al Barça. "El Mundo Deportivo", 27 de setembro de 1999, páxina 58CB Breogán - FC BarcelonaA FEB invita a participar nunha nova Liga EuropeaCharlie Bell na prensa estatalMáximos anotadores 2005Tempada 2005-06 : Tódolos Xogadores da Xornada""Non quero pensar nunha man negra, mais pregúntome que está a pasar""o orixinalRaúl López, orgulloso dos xogadores, presume da boa saúde económica do BreogánJulio González confirma que cesa como presidente del BreogánHomenaxe a Lisardo GómezA tempada do rexurdimento celesteEntrevista a Lisardo GómezEl COB dinamita el Pazo para forzar el quinto (69-73)Cafés Candelas, patrocinador del CB Breogán"Suso Lázare, novo presidente do Breogán"o orixinalCafés Candelas Breogán firma el mayor triunfo de la historiaEl Breogán realizará 17 homenajes por su cincuenta aniversario"O Breogán honra ao seu fundador e primeiro presidente"o orixinalMiguel Giao recibiu a homenaxe do PazoHomenaxe aos primeiros gladiadores celestesO home que nos amosa como ver o Breo co corazónTita Franco será homenaxeada polos #50anosdeBreoJulio Vila recibirá unha homenaxe in memoriam polos #50anosdeBreo"O Breogán homenaxeará aos seus aboados máis veteráns"Pechada ovación a «Capi» Sanmartín e Ricardo «Corazón de González»Homenaxe por décadas de informaciónPaco García volve ao Pazo con motivo do 50 aniversario"Resultados y clasificaciones""O Cafés Candelas Breogán, campión da Copa Princesa""O Cafés Candelas Breogán, equipo ACB"C.B. Breogán"Proxecto social"o orixinal"Centros asociados"o orixinalFicha en imdb.comMario Camus trata la recuperación del amor en 'La vieja música', su última película"Páxina web oficial""Club Baloncesto Breogán""C. B. Breogán S.A.D."eehttp://www.fegaba.com

            Image
            Barça LassaBAXI ManresaCafés Candelas BreogánDelteco GBCDivina Seguros JoventutHerbalife Gran CanariaIberostar TenerifeKirolbet BaskoniaMonbus ObradoiroMontakit FuenlabradaMoraBanc AndorraMovistar EstudiantesReal MadridSan Pablo BurgosTecnyconta ZaragozaUCAM MurciaUnicajaValencia Basket Club Baloncesto Breogán baloncestoLugoGalicia1966JuanJosé Ramón Varela Portasmáxima categoría1970competicións europeasLiga ACBPavillón MunicipalPazo dos DeportesJesús Lázareliga EBAClub Estudiantes1965Lugobaloncestosegunda divisiónJosé RamónJuan Varela-Portas y Pardo1966Celestino Fernández de la Vega196869primeira divisiónZaragozaprimeira divisiónReal MadridJoventutEstudiantes19701971máxima categoría estatal11 de outubro1970Palacio dos DeportesLugoTenerifeMadridReal MadridAlfredo PérezBreogán19711972TenerifeMadridvascocatalánAlfredo PérezespañolMadridLugoManresa La Casera19741975As...
            Read more

            Vilaño, A Laracha Índice Patrimonio | Lugares e parroquias | Véxase tamén | Menú de navegación43°14′52″N 8°36′03″O / 43.24775, -8.60070

            Image
            Parroquias da LarachaParroquias de Galicia baixo a advocación de Santiago o Maior coruñésLarachacomarca de BergantiñosIGE20131999castro de Montesclarospoboado castrexoidade de ferroromanización de Galiciamiliariopazo de Montesclarosséculo XIXAmboadeA AreosaA BarreiraBos AiresA BoticaAs Brañas da ViñaAs BrañasBusteloOs CanedosFerreirosAs FervenzasA Fonte da CanleO FormigueiroFornelosA FragaFragundeGravidoA LamelaMarfuloOs MeánsMontes ClarosA PanelaO PazoQuintánsRibelaSamiroO SeixoA TelleiraVilañoVilanovaA ViñaVista AlegreCabovilaño (San Román)Caión (Santa María do Socorro)Coiro (San Xián)Erboedo (Santa María)Golmar (San Bieito)Lemaio (Santa Mariña)Lendo (San Xián)Lestón (San Martiño)Montemaior (Santa María Madanela)Soandres (San Pedro)Soutullo (Santa María)Torás (Santa María)Vilaño (Santiago) Vilaño, A Laracha Na Galipedia, a Wi...
            Read more

            Cegueira Índice Epidemioloxía | Deficiencia visual | Tipos de cegueira | Principais causas de cegueira | Tratamento | Técnicas de adaptación e axudas | Vida dos cegos | Primeiros auxilios | Crenzas respecto das persoas cegas | Crenzas das persoas cegas | O neno deficiente visual | Aspectos psicolóxicos da cegueira | Notas | Véxase tamén | Menú de navegación54.054.154.436928256blindnessDicionario da Real Academia GalegaPortal das Palabras"International Standards: Visual Standards — Aspects and Ranges of Vision Loss with Emphasis on Population Surveys.""Visual impairment and blindness""Presentan un plan para previr a cegueira"o orixinalACCDV Associació Catalana de Cecs i Disminuïts Visuals - PMFTrachoma"Effect of gene therapy on visual function in Leber's congenital amaurosis"1844137110.1056/NEJMoa0802268Cans guía - os mellores amigos dos cegosArquivadoEscola de cans guía para cegos en Mortágua, PortugalArquivado"Tecnología para ciegos y deficientes visuales. Recopilación de recursos gratuitos en la Red""Colorino""‘COL.diesis’, escuchar los sonidos del color""COL.diesis: Transforming Colour into Melody and Implementing the Result in a Colour Sensor Device"o orixinal"Sistema de desarrollo de sinestesia color-sonido para invidentes utilizando un protocolo de audio""Enseñanza táctil - geometría y color. Juegos didácticos para niños ciegos y videntes""Sistema Constanz"L'ocupació laboral dels cecs a l'Estat espanyol està pràcticament equiparada a la de les persones amb visió, entrevista amb Pedro ZuritaONCE (Organización Nacional de Cegos de España)Prevención da cegueiraDescrición de deficiencias visuais (Disc@pnet)Braillín, un boneco atractivo para calquera neno, con ou sen discapacidade, que permite familiarizarse co sistema de escritura e lectura brailleAxudas Técnicas36838ID00897494007150-90057129528256DOID:1432HP:0000618D001766C10.597.751.941.162C97109C0155020

            Image
            OftalmoloxíaDiscapacidade sentidovistaNorteaméricaEuropaollopaíses en vías de desenvolvementopaíses desenvolvidos2014Organización Mundial da SaúdeGaliciaretinopatía diabéticaglaucomaresto visualagudeza visualcampo visualterapia xénicaretinavirus do arrefriado comúncanadestradoséculo XIXLouis Brailleteclado brailleescáneresrecoñecemento óptico de caractereslectores de pantallacorsinestesiafrauta doceamareloclarineteazultamboresvermellopianoverdeSistema Constanzsemáforocans guíaBrailletactosoftwaretactoeuroAvuiséculo XXUnión SoviéticaFranciaItaliaInglaterraNataciónatletismociclismojudoesquífútbol salamontañismoxadrezgoalballsociedademúsicosindixentesprofetassabiosoídotactomúsicarisatactooídolinguaxePiaget (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u0...
            Read more