How to Whitelist IP Addresses Using an Internal Firewall on Linux

This guide explains how to allow specific IP addresses through your Linux server’s firewall, a key step in keeping your network secure. By whitelisting IPs, you ensure only trusted traffic can access your system. This simple and practical guide is perfect for anyone looking to enhance their server’s security by controlling access via the internal firewalls.


How to Whitelist IP Addresses Using an Uncomplicated Firewall

If your server uses an Ubuntu operating system, Uncomplicated Firewall (UFW) is a user-friendly interface for managing netfilter firewall rules. Its simplicity makes it easy for administrators to secure their servers. Here’s how you can whitelist an IP address with UFW:


Step 1: Connect to Your Server

You can do this using SSH or the Kamatera management panel console. If you need more help, read our step-by-step guide on connecting to your server.


Step 2: Enable UFW

This entails executing the command ufw enable if it’s not already active.


Step 3: Whitelist an IP Address

Do this by running ufw allow from [IP_ADDRESS].


Step 4: Confirm New Rule

Check ufw status to ensure that your action went through.


How to Safely Add IP Rules with IPTables

IPTables is a robust tool included in most Linux distributions, directly integrated into the Linux kernel. It allows for configuring network packet filtering rules. Follow these steps to whitelist an IP address:


Step 1: Access your server through SSH or the Kamatera console.

Step 2: Insert an IP whitelist rule with the command iptables -I INPUT -s [IP_ADDRESS] -j ACCEPT.

Step 3: Preserve the changes across reboots by saving with sudo iptables-save.


Guide to Using Firewalld for Server Protection

For systems with Firewalld, managing your firewall rules can be straightforward with the right commands. Here’s the process to add an IP to your whitelist:


Step 1: Log into your server via SSH or console connection.

Step 2: Start Firewalld if it’s not running with systemctl start firewalld.

Step 3: Add the IP to the whitelist by executing firewall-cmd –permanent –zone=public –add-source=[IP_ADDRESS].

Step 4: Make the changes effective by reloading Firewalld with firewall-cmd –reload


How to Configure CSF for Enhanced Security

ConfigServer Security & Firewall (CSF) is a popular security solution for servers. To add an IP to your whitelist in CSF, follow these steps:

Step 1: Log into your server where CSF is installed.

Step 2: Whitelist an IP by running csf -a “ip address” or by adding it to /etc/csf/csf.allow.

Step 3: Restart CSF to apply changes using sudo csf -r.



Have additional questions? Search below: