set up your firewall with UFW
You have a DigitalOcean VPS with Ubuntu and you want to set up a firewall on it. However, iptables is too complicated. What to do?
Use UFW, the Uncomplicated Firewall. Say you want to open the SSH port and you have a webapp running on a specific port that you want to make accessible. Here is a basic setting:
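```bash
#!/usr/bin/env bash

# start from a clean state: drop all existing rules and turn the firewall off
sudo ufw reset
sudo ufw disable

# SSH is on a custom port
sudo ufw allow 12345/tcp
# the webapp is listening here
sudo ufw allow 1234/tcp

# default policy: block incoming, allow outgoing
sudo ufw default deny incoming
sudo ufw default allow outgoing

# activate the firewall and show the resulting rules
sudo ufw enable
sudo ufw status verbose
```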
Warning! Make sure to add your SSH port! Otherwise you won’t be able to log in anymore!
Outgoing connections are allowed. Incoming connections are blocked except: 1) port 12345, and 2) port 1234.
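A guard for the lock-out risk in the warning above, as an added example that is not part of the original post: it enables UFW only if the port sshd is configured to listen on appears among the added rules. The function names and the `--enable` argument are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example: refuse to enable UFW unless the sshd port is allowed.

# Reads rule lines in the format printed by `ufw show added` on stdin and
# succeeds only if one of them allows (or rate-limits) port $1 over TCP.
# Only simple rules ("ufw allow 12345/tcp", "ufw allow 12345") are recognised;
# anything more specific is treated as "not allowed", which errs on the safe side.
ssh_port_allowed() {
    awk -v port="$1" '
        $1 == "ufw" && ($2 == "allow" || $2 == "limit") {
            if ($3 == (port "/tcp") || $3 == port) found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# Port from sshd's effective configuration (the first one if several are set).
sshd_port() {
    sudo sshd -T 2>/dev/null | awk '$1 == "port" { print $2; exit }'
}

# Enable the firewall only when the SSH port is among the added rules.
enable_if_safe() {
    ssh_port="$(sshd_port)"
    if [ -z "$ssh_port" ]; then
        echo "could not determine the sshd port; not enabling ufw" >&2
        return 1
    fi
    if sudo ufw show added | ssh_port_allowed "$ssh_port"; then
        sudo ufw enable
    else
        echo "port $ssh_port/tcp is not allowed; run: sudo ufw allow $ssh_port/tcp" >&2
        return 1
    fi
}

# Touch the firewall only when asked to, so the file can also be sourced.
if [ "${1:-}" = "--enable" ]; then
    enable_if_safe
fi
```

Run it with `--enable` in place of the plain `sudo ufw enable` step, after the `allow` rules have been added.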
- https://www.digitalocean.com/community/tutorials/how-to-use-the-mongodb-one-click-application (simple example)
- https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server (detailed)
- https://help.ubuntu.com/community/UFW (detailed)