Common utilities to protect your server

Here is a list of some common Linux utilities you should use, whenever you create a new server.

Firewall

I usually always use ufw because it is very easy to use and comes with Ubuntu, which I use for my servers. For a very basic configuration, I do:

$ sudo ufw status
Status: inactive

$ sudo ufw allow 22/tcp
$ sudo ufw allow 443/tcp
$ sudo ufw enable

This sets up a very simple firewall which allows inbound connections on Port 22 and Port 443. Everything else denied by default.

To check the status of the firewall, you can run the following command:

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)