cmackenzie1/ufw.md

Created October 28, 2024 03:23

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/cmackenzie1/bb04acafe2fa6f3caab5b87204208a6a.js"></script>
Save cmackenzie1/bb04acafe2fa6f3caab5b87204208a6a to your computer and use it in GitHub Desktop.

Raw

Settings for locking down a server with UFW

# delete all existing rules
sudo ufw reset

# enable ufw
sudo ufw enable

# defult deny everything incoming
sudo ufw default deny incoming
sudo ufw default allow outgoing

# allow everything using tailscale
sudo ufw allow in on tailscale0

# HTTP and HTTPS
sudo ufw allow http
sudo ufw allow https