automation/security
2020-07-17 16:05:52 +02:00
..
2020-07_SSL_Server_Test_luxeylab.net_files performed a SSL security test, needs to be reviewed 2020-07-17 16:05:52 +02:00
2020-07_SSL_Server_Test_luxeylab.net.html performed a SSL security test, needs to be reviewed 2020-07-17 16:05:52 +02:00
README.md minor advice 2020-01-29 11:05:21 +01:00
ufw.sh added easy UFW rules 2020-01-28 13:40:31 +01:00

PHP inections

See phpmalwarescanner

Firewall

Ports I need

Incoming - DROP except:

  • http/s (nginx)
  • 8448 (synapse - with TLS through nginx)
  • ssh
  • icmp
  • ftp

Outgoing - ACCEPT all

Using UFW

  • Enable IPv6 in /etc/default/ufw if not done:

    IPV6=yes

  • Set default rules e.g.:

    ufw default deny incoming ufw default allow outgoing

  • Configure more rules:

    ufw [allow|deny|reject|limit] [in|out] [protocol|port]

See ufw.sh.