I have read the basic instructions here:
https://help.ubuntu.com/community/UFW
I want to `sudo ufw default deny` and then

sudo ufw allow ssh
sudo ufw allow smtp
sudo ufw allow www
sudo ufw allow https
sudo ufw allow imaps

to allow the services I need. Am I missing anything? I assume allowing ssh will also allow scp? (heck, I will allow sftp as well anyway).
However, my problem is I am connecting remotely, so the only way I can do what I want is to actually do a `sudo ufw default allow`, then use a list of the services provided by `less /etc/services` and deny each service individually?
This seems a pain, as if I turn on the firewall with default deny it will boot me out of my ssh connection?
(also posted on askubuntu, not sure which is the best place)
Best Answer
Yeah, SCP/SFTP are via the SSH protocol, so your rules will cover them.
Use `default deny` - you don't want to default to allowing any services that come up later. UFW defaults to disabled, so configure it with `default deny`, then all of your `allow` rules for services, before running `ufw enable`. It'll warn you about burning your SSH session when you do this, but if you've configured your SSH rule, there will be no issue and your current session won't even drop.

One other suggestion: use `limit` instead of `allow` for the SSH rule - it's a simple way to cut down on the viability of brute-force authentication against the service by blocking overly frequent connections.
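The ordering the answer describes (default deny, then the allow/limit rules, then enable) as a small POSIX shell script. This is an added example, not code from the question or the answer: it prints the planned `ufw` commands, checks that an SSH rule precedes `ufw enable` before anything is applied, and only runs `ufw` when `ufw_apply` is called as root on a host with ufw installed. The `UFW_DRY_RUN` variable and the function names are constructed for this example; `ufw --force enable` is ufw's own switch for skipping the "may disrupt existing ssh connections" prompt, which is the warning the answer mentions.

```shell
#!/bin/sh
# Added example: build and sanity-check the ufw command sequence from the
# answer above. Nothing touches the firewall unless ufw_apply is invoked.

# Services to open with plain allow; ssh is handled separately with limit.
SERVICES="smtp www https imaps"

# Print the ordered command list (one command per line) without running it.
# "default deny" applies to incoming traffic, as in the question.
ufw_plan() {
    echo "ufw default deny"
    echo "ufw limit ssh"          # limit instead of allow, per the answer
    for s in $SERVICES; do
        echo "ufw allow $s"
    done
    echo "ufw --force enable"     # --force skips the interactive warning
}

# Read a plan on stdin; succeed (0) only if an ssh allow/limit rule appears
# before the enable command. This is the check that keeps a remote session
# from being locked out by enabling with default deny and no ssh rule.
ssh_rule_before_enable() {
    seen_ssh=0
    while IFS= read -r cmd; do
        case "$cmd" in
            "ufw limit ssh"|"ufw allow ssh") seen_ssh=1 ;;
            "ufw enable"|"ufw --force enable")
                [ "$seen_ssh" -eq 1 ] && return 0
                return 1 ;;
        esac
    done
    return 1   # no enable command seen at all: treat as unsafe
}

# Apply the plan for real (needs root and the ufw package). Refuses to run
# if the plan would enable the firewall without an ssh rule in place.
ufw_apply() {
    if ! ufw_plan | ssh_rule_before_enable; then
        echo "refusing to apply: no ssh rule before 'ufw enable'" >&2
        return 1
    fi
    ufw_plan | while IFS= read -r cmd; do
        echo "+ $cmd"
        $cmd
    done
}

# Hypothetical dry-run switch for this script: show the plan only.
if [ "${UFW_DRY_RUN:-0}" = "1" ]; then
    ufw_plan
fi
```

Run `UFW_DRY_RUN=1 sh script.sh` to see the planned commands, then `sudo sh -c '. ./script.sh; ufw_apply'` to apply them; `sudo ufw status verbose` afterwards shows the resulting rule set, with the SSH entry marked as LIMIT rather than ALLOW.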