Question Seeking help with firewall rules

[dsherron]

Server operating system version

Ubuntu 20.04.5 LTS

Plesk version and microupdate number

Plesk Obsidian v18.0.48_build1800221104.03

Hi all,

I am fairly new to Plesk.

My question is not how to configure the firewall rules but what (and why) firewall rules to configure. I have searched and searched and all I find is articles about the how but not the what/why.

I would really appreciate pointers to useful resources, tutorials, books, anything (but not procedural/mechanical--I get that).

Thanks!

 

[scsa20]

Utilizing the default rules is best as a starting point as it will give access to only the ports needed from the internet. As for why you should use a firewall, it's to protect you from unauthorized access through a unknown port that might have an exploit. Your home router, for example, is also a firewall.

 

[dsherron]

The default rules, according to an email I received from AWS, is vulnerable to malicious actors. Plus, it looks wide open to me and I have not touched it.

 

[scsa20]

If you're using AWS, you will have additional security configuration on the VPC anyways so utilizing the default policies is fine in your case and just open the bare minimal on the VPC network security group (80, 443, 8443, 8447 (is is for plesk update page), 25, 254, 993).