Use ufw to disable traffic to WordPress on web-server

So on the server to ban IP 1.2.3.4 use something like this:

ufw default allow incoming
ufw default allow outgoing
ufw deny from 1.2.3.4 to any
ufw enable

This assumes that your server is also protected by AWS security groups. If not, be careful, because it opens up pretty much complete access.