
Firewalls and Security

We want to be able to expose services to the internet while making sure that bad actors cannot enter our system.

UFW (Uncomplicated Firewall)

What is UFW?

UFW (uncomplicated firewall) is a command-line tool designed to simplify firewall management on Linux systems, particularly those based on Ubuntu. Built on top of iptables, it provides a user-friendly way to define rules for controlling network traffic, such as allowing or blocking specific ports, IP addresses, or services.

Let's set up UFW

sudo su                        # You must be root to configure UFW
ufw status                     # Check current firewall status (should be inactive)

ufw app list                   # List available application profiles
ufw allow OpenSSH              # Allow SSH connections
ufw limit ssh                  # Rate-limit SSH to prevent brute force

ufw default deny incoming      # Block all INcoming traffic by default
ufw default allow outgoing     # Allow all OUTgoing traffic by default

ufw enable                     # Activate the firewall 

ufw status                     # See the current ufw rules!
exit                           # go back to your own user
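
To confirm the result of the steps above, the following added example (not part of the original page) audits the text of `ufw status verbose` against the same baseline: firewall active, deny incoming, allow outgoing, SSH rate-limited. It assumes the usual verbose output layout and SSH on 22/tcp; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page: audit `ufw status verbose` text.
# Assumes the usual verbose layout and SSH on 22/tcp; prints one finding per
# line and returns 1 if anything deviates from the baseline configured above.
audit_ufw_status() {
    awk '
        function finding(msg) { print "FINDING: " msg; n++ }
        /^Status:/  { active = ($2 == "active") }
        /^Default:/ { deny_in   = ($0 ~ /deny \(incoming\)/)
                      allow_out = ($0 ~ /allow \(outgoing\)/) }
        # IPv4 rows for port 22 that are open to any source
        /^22\/tcp/ && /Anywhere[ \t]*$/ {
            act = ($0 ~ /LIMIT/) ? "LIMIT" : (($0 ~ /ALLOW/) ? "ALLOW" : "")
            if (act != "" && first == "") first = act  # first matching rule wins
            if (act == "LIMIT") has_limit = 1
        }
        END {
            if (!active)    finding("firewall is not active")
            if (!deny_in)   finding("default incoming policy is not deny")
            if (!allow_out) finding("default outgoing policy is not allow")
            if (first == "")           finding("no open rule for SSH on 22/tcp")
            else if (!has_limit)       finding("SSH is allowed but not rate-limited")
            else if (first == "ALLOW") finding("ALLOW on 22/tcp precedes LIMIT, so the limit never matches")
            exit (n > 0)
        }'
}

# Constructed sample output: an allow row listed ahead of the limit row.
sample_shadowed() {
cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp (OpenSSH)           ALLOW IN    Anywhere
22/tcp                     LIMIT IN    Anywhere
EOF
}

sample_shadowed | audit_ufw_status || true
```

On a live host, run `ufw status verbose | audit_ufw_status` as root and treat a non-zero exit status as a failed check.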

Note that there are some implications of UFW and Docker:

But no worries, we will also cover how we can tackle this on Docker's side!
