For this I will be using a Digital Ocean Droplet with Ubuntu 20 installed on it.
Set up your firewall
We will be using the default firewall, UFW which stand for Uncomplicated FireWall.
- sudo ufw limit 22/tcp
This limits the amounts of SSH login attempts someone can make from a single IP address, protecting against brute force password cracking attempts. - sudo ufw allow 80/tcp, sudo ufw allow 443/tcp
Keeps the HTTP and HTTPS ports open for your web server, what people will be using to access it. - sudo ufw enable
Finally, activate your firewall. -
sudo ufw status should return something like this:
Most hosting companies already have these in place before people access your server, but it does not hurt to have them on your server as well.
Block connections by default
sudo ufw default deny incoming blocks incoming traffic by default
sudo ufw default allow outgoingallows outgoing traffic by default
order bind,hosts
multi on
nospoof on