Basic firewall (iptables) script for CentOS with openings for SSH, HTTP and HTTPS

centos_firewall.sh

#!/bin/bash

# see http://oracle-base.com/articles/linux/linux-firewall.php

# Set the default policies to allow everything while we set up new rules
# Prevents cutting yourself off when running from remote SSH
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

# Flush any existing rules, leaving just the defaults
iptables -F

# Open port 22 for incoming SSH connections
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Open port 80 for incoming HTTP requests
iptables -A INPUT -p tcp --dport 80 -j ACCEPT

# Open port 443 for incoming HTTPS requests
iptables -A INPUT -p tcp --dport 443 -j ACCEPT

# open port 8080 for Oracle XDB/EPG (uncomment if required)
#iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

# open port 1521 for SQL*Net (uncomment if required)
# NOTE: this is not needed for a web server, but can be useful for a dev environment
# replace 1.2.3.4 with your own client IP address
#iptables -A INPUT -p tcp --dport 1521 -s 1.2.3.4 -j ACCEPT

# *** Put any additions to the INPUT chain here
#
# *** End of additions to INPUT chain

# accept any localhost (loopback) calls
iptables -A INPUT -i lo -j ACCEPT

# allow any existing connection to remain
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# reset the default policies to stop all incoming and forward requests
iptables -P INPUT DROP
iptables -P FORWARD DROP

# accept any outbound requests from this server
iptables -P OUTPUT ACCEPT

# save the settings
service iptables save

# display the settings
iptables -L -v --line-numbers

fore secure server just control ipTable is Enough ?

This is an old article, but still useful for an overview of how to secure your Linux server: https://www.digitalocean.com/community/tutorials/an-introduction-to-securing-your-linux-vps