How to use IPTables to block all SSH traffic (port 22) except for your IP

Blocking traffic to port 22 (SSH) is one of the first steps you should take when hardening a server. Locking down port 22 not only keeps unwanted people from gaining access to your server, it also helps prevent a certain type of DDoS attack called a SYN flood. Using IPTables with a whitelist approach is one of the quickest and easiest ways to accomplish this.




1. Add the following rule for each IP address that you want to whitelist:

2. Next, add a rule to block all other IPs:

3. Save your new rules so they persist after reboot:

If you need to remove an IP (thus blocking that IP from accessing port 22), just change the -A option to -D:
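The steps above, as an added example (not the original post's commands): a shell script that prints the allowlist rules in the order they must be appended, and refuses an empty or malformed address list so the DROP rule never goes in alone. The function names are hypothetical, the addresses are constructed documentation IPs, and the save path assumes Debian/Ubuntu with iptables-persistent.

```shell
#!/bin/sh
# Added example: prints (does not execute) iptables commands for an SSH allowlist.
# Function names are hypothetical; sample IPs are constructed (RFC 5737 ranges).

# valid_ipv4 ADDR: succeed only for a dotted-quad IPv4 address, no leading zeros.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1          # split on dots into $1..$n
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# ssh_allowlist_rules IP...: one ACCEPT per IP, then the catch-all DROP.
ssh_allowlist_rules() {
    # An empty list would emit only the DROP and lock everyone out, so refuse it.
    [ "$#" -gt 0 ] || { echo "error: no IP addresses given" >&2; return 1; }
    for ip in "$@"; do
        valid_ipv4 "$ip" || { echo "error: bad IPv4 address: $ip" >&2; return 1; }
    done
    for ip in "$@"; do
        echo "iptables -A INPUT -p tcp -s $ip --dport 22 -j ACCEPT"
    done
    # -A appends and rules match top-down, so the DROP has to come last.
    echo "iptables -A INPUT -p tcp --dport 22 -j DROP"
}

# ssh_allowlist_remove IP: the same rule spec with -D deletes that ACCEPT rule.
ssh_allowlist_remove() {
    valid_ipv4 "$1" || { echo "error: bad IPv4 address: $1" >&2; return 1; }
    echo "iptables -D INPUT -p tcp -s $1 --dport 22 -j ACCEPT"
}

# Print the commands for two constructed addresses; review, then run as root.
ssh_allowlist_rules 203.0.113.10 198.51.100.7
# Persisting: this path assumes Debian/Ubuntu with iptables-persistent installed.
echo "iptables-save > /etc/iptables/rules.v4"
ssh_allowlist_remove 198.51.100.7
```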
