Does order of UFW rules matter?

firewall spam ufw

Solution 1:

Does the order of the rules actually matter?

Yes it does. Denies should be first in this case since they are more specific (more specific rules should go first). Example

Is there a more effective way to handle spammy requests than manually

fail2ban can scan logs, and add IPs to many types of filtering systems that match defined patterns.

Solution 2:

You can instruct ufw to insert rules at a given position:

ufw insert 1 deny from <ip> to any

This inserts the deny rule in first position instead of last.

Related

Default value of /proc/sys/fs/file-max
What does try_files do in this nginx configuration?
How to check if firewalld is blocking an incoming ip address?
What happens in the real world Internet - BGP and OSPF?
Manage SSH keys
Unable to create mysql database through ansible
Proxy Websockets and HTTP through the same location in Nginx
ssh on cygwin (win10): read_passphrase: can't open /dev/tty:
How can I add in Apache Feature Policy Header?
SSH "lag" in LAN on some machines, mixed distros [closed]
Investigating beyond RAID for disk cluster in a server, is Dynamic Disk Pool comparable? [closed]
In windows systems, is renaming files functionally similar to deleting them?