# How To Whitelist Better Stack IPs in UFW

If you are using
[Uncomplicated Firewall](https://en.wikipedia.org/wiki/Uncomplicated_Firewall)
(UFW) on your system it is a best practice to whitelist Better Stack IPs or
User Agent. This will prevent UFW from blocking Better Stack's monitoring
requests and prevent any false incident alerting.

In this quick tutorial, we will guide you through each step.

## Where can I find Better Stack IPs?

The official documentation provides list of
[all used Better Stack IPs as well as the User Agent](https://betterstack.com/docs/uptime/frequently-asked-questions/#what-ips-does-uptime-use).
They are split into regions for easier navigation.

## Allow incoming connections from specific IP Address

To allow all incoming connections originating from a specific IP address, you
can use the `allow` option of the `ufw` utility.

To allow connections from one IP address, run the following command:

```command
sudo ufw allow from 168.119.96.203
```

```
[output]
Rule added
```

_Don’t forget to replace the IP address with the IP address you want to
whitelist._

## Allow incoming connection from specific IP to a specific network interface

To allow all incoming connections originating from a specific IP address to a
specific network interface on your system, you can use the `allow` option of the
`ufw` utility.

To allow connections, run the following command:

```command
sudo ufw allow in on eth0 from 168.119.96.203
```

```
[output]
Rule added
```

## How to whitelist multiple addresses at once

To whitelist multiple addresses in one go, you need to create a simple shell
script that will do the hard work. In the Better Stack documentation, you can
find the full list of [Better Stack IPs](https://uptime.betterstack.com/ips.txt). We
will use this list to create a script that will whitelist all addresses in this
file.

First, save the following script to a file. For example `whitelist_script.sh`

```command
#!/bin/sh
curl https://uptime.betterstack.com/ips.txt > ./betteruptime_ips.txt;
echo 'running......'
for x in `cat ./betteruptime_ips.txt`;
	do
		ufw allow from $x
done
ufw reload > /dev/null
```

This script will create a text file `betteruptime_ips.txt` and whitelist each
address in this file.

To run the script, enter the following command:

```command
sudo ./whitelist_script.sh
```

Note that if you named the script differently, you will need to replace the
`./whitelist_script.sh` with the location and name of your script.

## How to display UFW rules

To display active UFW rules, run the following command:

```command
sudo ufw status
```

## How to delete UFW rules

To delete a specific UFW rule, add the delete option to the command as shown
below:

```command
sudo ufw delete allow from 168.119.96.203
```

Alternatively, if you want to delete multiple addresses at once, you can reuse
the previous script and replace the `ufw allow` command with the
`ufw delete allow` and remove the `curl` line from the script.