There are two ways to start thinking about your server firewall security. The hard way or the easy way. The easy way would be to start thinking before something bad has happened to your server, and now you can figure out what would be the hard way..
In order to get the security of your server up, you should start with setting up firewall.
Simple firewall for Linux (Ubuntu)
sudo apt-get install ufw
Now when this is setup, you can start most simple settings. Please remember to enable ssh any time – you don’t want to be locked from your own server.
sudo ufw default deny incoming sudo ufw logging on sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw allow 22/tcp sudo ufw enable
Some of the ports include open ports for email senders.
After this basic setup is set. Restart ufw.
sudo ufw disable sudo ufw enable sudo ufw status verbose
Additional elements to check:
netstat -nputw c - monitor current connections. high Send-Q implies your server is being misused. git clone https://github.com/CISOfy/lynis ./lynis audit system -Q - Check for security vulnerabilities.
For information wget:
wget supports HTTP, HTTPS, and FTP, so by default that's 80, 443, 20, and 21 (all TCP).
apt can use HTTP, HTTPS, FTP, RSH, and SSH, so that's 80, 443, 20, 21, 514, and 22 (also all TCP)