Created
January 12, 2016 22:02
-
-
Save aerth/d90e8713450b47eb5b95 to your computer and use it in GitHub Desktop.
Hardened UFW rules (you customize)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # this lil script was created by aerth at Earthbot.net | |
| # run this to clear your ufw rules and replace with this default medium-high security! | |
| # reset firewall | |
| ufw reset | |
| # default deny, in and out. | |
| ufw default deny outgoing | |
| ufw default deny incoming | |
| ufw enable | |
| # deny all but 80 and 443 outgoing | |
| # i added 22, 6667, and 8080 recently | |
| ufw allow out 80,443,8080/tcp | |
| ufw allow out 22,6667,6697/tcp | |
| # uncomment for DNS lookups to router | |
| #ufw allow out 53/udp | |
| # comment if you arent a headless server, change port number if you run weird port | |
| ufw limit in 22/tcp | |
| ufw reload # add these rules we just made | |
| ufw status verbose # lets see what it looks like! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment