Hello, as the title says I’m trying to set up the Ubuntu Firewall to secure my computer, and I need a few tips on how to do so. First the scenario:
The computer has set up an Apache web server (listening on Custom Port) and that one needs to be accessible from both the LAN and the Internet. The default SSH port needs to be open just for the LAN. All other ports should, in theory, remain closed.
Of course I tested it on the LAN first. I tried to use the graphical config utility, and set up rules to block all incoming connections but the ones for those specific ports, but it didn’t work when I tested it (the Firewall just blocked all incomming traffic). Its not the first Firewall I set up, so I’m definitely missing something here. With the firewall down I can access the apache and SSH just fine.
On a different note… what would you recommend to block certain IPs? IPTables on the Firewall or Htaccess on the Apache server? Say, I have a big blacklist of known malicious IPs (from China, Kazastan, Ucraine, the usual stuff…) and I want to block them from accessing or contacting the web services in my Apache. Which of the two is the best way to proceed? Thanks in advance!