Im trying to configure a web server and just want to know what firewall should I install in it? APF? UFW? or something else?
Im trying to configure a web server and just want to know what firewall should I install in it? APF? UFW? or something else?
UFW and the others are just front-ends for iptables. So you could use either. I gather that UFW is the officially supported front-end so you could go with that unless you want or need extras like rate limiting.
You are right:
https://help.ubuntu.com/community/Fail2ban
Rate limiting is also built into iptables. So if you work directly with iptables, you don't need extras. It's a little harder to find good documentation on iptables, though, but it is the simplest way to go.
Code:... iptables -A INPUT -p icmp --icmp-type echo-request \ -m limit --limit 1/s -i eth0 -j ACCEPT ... iptables -A INPUT -p TCP --dport 22 -m state --state NEW \ -m limit --limit 4/minute --limit-burst 5 -j ACCEPT ... iptables -A INPUT -p TCP -j RETURN
I would like to recommend application firewall for web server. However, those are add-ons to the web server.
If you want a lightweight, fast and secure web server, I would recommend Hiawatha.
Why I suggest Hiawatha? It is because of her features.
If you want to install Hiawatha on Ubuntu Server, you can refer to this HOWTO.
Samiux
Bookmarks