(Photo: Jordan W)

I have been doing some housekeeping on my VPS, and decided there's a few ports that should only be accessed by certain IP addresses for security purposes.

My VPS uses Linux, so I had to find a way to somehow changing my iptables settings to block the specific ports to every IP address, except for the ones I specified.

It's pretty straight forward, and here  how you can block a specific port to everyone except for some IP addresses (the instructions are for Centos 5.5, but should work for other distros without problems):

Open our iptables settings file:

sudo nano /etc/sysconfig/iptables

Above your ACCEPT settings, include:

#IPs accepted to access port 5000 -A INPUT -p tcp -s 127.0.0.1 --dport 5000 -j ACCEPT -A INPUT -p tcp -s 175.74.74.74 --dport 5000 -j ACCEPT -A INPUT -p tcp -s 200.138.5.2 --dport 5000 -j ACCEPT

On the lines above, I create one exception per IP, as all of the IP's I want to access port 5000 are different and come from different geolocations. I could use a range of IP's as well:

-A INPUT -p tcp -s iprange --src-range 11.22.33.10-11.22.33.50 --dport 5000 -j ACCEPT

Therefore, it would aggregate all the IP's starting at 11.22.33.10 until 11.22.33.50.

After making all my changes, I simply restart iptables:

service iptables restart