How To Whitelist Better Uptime IPs in UFW

Better Stack Team
Updated on May 4, 2022

If you are using Uncomplicated Firewall (UFW) on your system it is a best practice to whitelist Better Uptime IPs or User Agent. This will prevent UFW from blocking Better Uptime's monitoring requests and prevent any false incident alerting.

In this quick tutorial, we will guide you through each step.

Where can I find Better Uptime IPs?

The official documentation provides list of all used Better Uptime IPs as well as the User Agent. They are split into regions for easier navigation.

Allow incoming connections from specific IP Address

To allow all incoming connections originating from a specific IP address, you can use the allow option of the ufw utility.

To allow connections from one IP address, run the following command:

sudo ufw allow from 168.119.96.203
Copied!
Output
Rule added

Don’t forget to replace the IP address with the IP address you want to whitelist.

Allow incoming connection from specific IP to a specific network interface

To allow all incoming connections originating from a specific IP address to a specific network interface on your system, you can use the allow option of the ufw utility.

To allow connections, run the following command:

sudo ufw allow in on eth0 from 168.119.96.203
Copied!
Output
Rule added

How to whitelist multiple addresses at once

To whitelist multiple addresses in one go, you need to create a simple shell script that will do the hard work. In the Better Uptime documentation, you can find the full list of Better Uptime IPs. We will use this list to create a script that will whitelist all addresses in this file.

First, save the following script to a file. For example whitelist_script.sh

#!/bin/sh
curl https://betteruptime.com/ips.txt > ./betteruptime_ips.txt;
echo 'running......'
for x in `cat ./betteruptime_ips.txt`;
    do
        ufw allow from $x
done
ufw reload > /dev/null
Copied!

This script will create a text file betteruptime_ips.txt and whitelist each address in this file.

To run the script, enter the following command:

sudo ./whitelist_script.sh
Copied!

Note that if you named the script differently, you will need to replace the ./whitelist_script.sh with the location and name of your script.

How to display UFW rules

To display active UFW rules, run the following command:

sudo ufw status
Copied!

How to delete UFW rules

To delete a specific UFW rule, add the delete option to the command as shown below:

sudo ufw delete allow from 168.119.96.203
Copied!

Alternatively, if you want to delete multiple addresses at once, you can reuse the previous script and replace the ufw allow command with the ufw delete allow and remove the curl line from the script.

Got an article suggestion? Let us know
Explore more
Licensed under CC-BY-NC-SA

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

We are hiring.

Software is our way of making the world a tiny bit better. We build tools for the makers of tomorrow.

Explore all positions →

Reliability is the
ultimate feature

Delightful observability tools that turn your logs & monitoring into a secret weapon for shipping better software faster.

Explore Better Stack