diff --git a/inventory/group_vars/all.yml b/inventory/group_vars/all.yml
index de798b7..0f8135e 100644
--- a/inventory/group_vars/all.yml
+++ b/inventory/group_vars/all.yml
@@ -40,3 +40,11 @@ forgejo_release: "1.21.11-1"
 
 swap_size: "2048"
 swap_file: "/swapfile"
+
+#
+# Blocked IPs
+#
+
+blocked_ips:
+ - 47.76.99.127
+ - 47.76.209.138
diff --git a/roles/firewall-block/tasks/main.yml b/roles/firewall-block/tasks/main.yml
index fe9ad2c..f6d3204 100644
--- a/roles/firewall-block/tasks/main.yml
+++ b/roles/firewall-block/tasks/main.yml
@@ -82,3 +82,23 @@
 proto: tcp
 insert: 5
 route: true
+
+#
+# Block IPs from list
+#
+
+- name: Block IP (normal)
+ community.general.ufw:
+ rule: deny
+ insert: 1
+ route: true
+ src: '{{ item }}'
+ loop: "{{ blocked_ips }}"
+
+- name: Block IP (fwd)
+ community.general.ufw:
+ rule: deny
+ insert: 1
+ route: false
+ src: '{{ item }}'
+ loop: "{{ blocked_ips }}"
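Review bot: The two `blocked_ips` entries added in inventory/group_vars/all.yml carry no record of why or when they were blocked, so nobody can later judge whether an entry is still needed once the address changes hands. A trailing comment per entry would cover it, for example `- '47.76.99.127'  # <reason, date, ticket>`, and quoting the addresses would match the quoted values on the surrounding lines (`swap_size: "2048"`). Because the variable lives in `group_vars/all`, every host that runs the firewall-block role presumably receives these rules; if that is broader than intended, the list belongs in a narrower group.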
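Review bot: The task names in roles/firewall-block/tasks/main.yml look swapped against their `route` values: `Block IP (normal)` sets `route: true`, which in `community.general.ufw` applies the rule to routed/forwarded packets, while `Block IP (fwd)` sets `route: false`. Both rules are still created, so the resulting firewall state is the same, but the labels will mislead anyone reading the play output during an incident; I would rename them to `- name: Block IP (routed/forwarded traffic)` and `- name: Block IP (traffic to this host)`. Two behaviours deserve a comment above the tasks: removing an address from `blocked_ips` does not remove the rule already on the host (there is no `delete: true` pass), and `insert: 1` is an absolute position, so a later IPv6 entry may be rejected by ufw when IPv4 rules come first unless `insert_relative_to` is set. A `comment:` argument on both tasks would also make these rules identifiable in the rule listing when auditing the host.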