This page is more of a guide for myself to follow. I hope you don’t mind (^:
Use ufw to setup a firewall. Ufw stands for “uncomplicated firewall” and
makes setting up some simple firewall rules easy. Install ufw with
sudo apt install ufw
Make sure that you open your ssh port. If you are using the default ssh port (22) then run
sudo ufw allow ssh
If you changed your ssh port like mentioned earlier, the you should instead run
sudo ufw allow 4000/tcp
where 4000 is a stand-in for whatever port you are using for ssh.
Next open ports 80 and 443 for http and https with
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
Lastly we will want to set some defaults for the rest of the ports to obey. Lets close all other ports aside from the ones we are using for ssh and http/https.
sudo ufw default deny incoming
sudo ufw default allow outgoing
Now that you have added some rules you can check to see that ufw has the right settings by running
sudo ufw status verbose
This will show you the status of ufw and the current rules. All that’s left is to activate the firewall with
sudo ufw enable
For a more in-depth setup guide of ufw check out this guide from Cyberciti.