I added many new UFW rules and other security measures to my Ubuntu server as a result of all the weird things happening in Europe right now. There was a time when I would have done this immediately after building the server, but I have been getting lax in my old age
I also added a number of DENY rules to stop HTTP site scanning. I haven’t had to block a /8 yet, but there are a few /16 and /15 networks in my deny list. This with some well-placed .htaccess rules made many annoying bots go away.
In my research, I have found that there is a desire to completely block entire countries (you know who you are). Doing so with CIDR-based firewall rules is intensive – the UFW ruleset for one of the countries had 24,000+ CIDR blocks!
If you are running home servers, I highly recommend blocking SSH from as much of the internet as possible. As well, keep up-to-date with security patches and block all the stupid ways people can use your servers.
And make sure your cable router/device in front of your network is blocking everything except the most important stuff.
Leave a Reply