How to secure your Ubuntu 22..04 server with these firewall rules

Firewall rules are an essential part of securing a machine running Ubuntu 22.04 x64. They allow you to control which incoming and outgoing connections are allowed, and can help protect your machine against cyber attacks. In this article, we will discuss how to configure the Ubuntu firewall (ufw) and make your webserver safer by allowing and disabling certain ports.

List of common ports and services:

  • 22: SSH (Secure Shell)
  • 80: HTTP (Hypertext Transfer Protocol)
  • 443: HTTPS (HTTP Secure)
  • 25: SMTP (Simple Mail Transfer Protocol)
  • 53: DNS (Domain Name System)
  • 123: NTP (Network Time Protocol)
  • 3389: Remote Desktop Protocol (RDP)
  • 5900: VNC (Virtual Network Computing)
  • 6379: Redis (in-memory data structure store)
  • 27017: MongoDB (cross-platform document-oriented database)

Bash script for making a webserver safer:


# Enable the firewall
ufw enable

# Allow SSH connections
ufw allow ssh

# Allow HTTP and HTTPS connections
ufw allow http
ufw allow https

# Deny all incoming connections by default
ufw default deny incoming

# Allow all outgoing connections by default
ufw default allow outgoing

# Deny connections to certain high-risk ports
ufw deny 25 # SMTP
ufw deny 53 # DNS
ufw deny 123 # NTP
ufw deny 3389 # RDP
ufw deny 5900 # VNC
ufw deny 6379 # Redis
ufw deny 27017 # MongoDB

# Check the status of the firewall
ufw status

This script enables the firewall, allows incoming connections on ports 22 (SSH), 80 (HTTP), and 443 (HTTPS), and denies incoming connections on ports 25 (SMTP), 53 (DNS), 123 (NTP), 3389 (RDP), 5900 (VNC), 6379 (Redis), and 27017 (MongoDB). These are just examples, and you may want to customize the script to fit your specific needs and requirements.

Keep in mind that configuring the firewall is just one aspect of securing a machine running Ubuntu 22.04 x64. Other measures, such as installing antivirus software, keeping the operating system and applications up-to-date, and following best practices for password security, are also important.

Leave a Reply