Introduction
A firewall is an important security measure for any computer system, and setting up a firewall on an s0.d1.small BMC instance is no exception. Firewalls are used to protect a computer system from malicious attacks, and can be configured to block certain types of traffic or to allow only certain types of traffic. In this guide, we will discuss the steps necessary to set up a firewall on an s0.d1.small BMC instance. We will cover the basics of firewall configuration, as well as the specific steps necessary to configure a firewall on an s0.d1.small BMC instance. By the end of this guide, you should have a basic understanding of how to set up a firewall on an s0.d1.small BMC instance.
Setting up a Firewall on an s0.d1.small BMC Instance
1. Log into the BMC instance using SSH.
2. Install the UFW (Uncomplicated Firewall) package.
sudo apt-get install ufw
3. Enable the firewall.
sudo ufw enable
4. Allow SSH connections.
sudo ufw allow ssh
5. Allow HTTP and HTTPS connections.
sudo ufw allow http
sudo ufw allow https
6. Deny all other incoming connections.
sudo ufw default deny incoming
7. Allow all outgoing connections.
sudo ufw default allow outgoing
8. Check the status of the firewall.
sudo ufw status
Introduction
The s0.d1.small Bare Metal Cloud server instance is an affordable, single-CPU, general-purpose instance suitable for a broad array of workloads. One possible use case is using it for setting up a firewall to create a barrier for unwanted network traffic.
This tutorial shows how to set up a firewall on an s0.d1.small BMC server instance.
Prerequisites
- Access to the command line/terminal with administrator privileges.
- A Bare Metal Cloud (BMC) Portal account.
How to Set Up a Firewall on the s0.d1.small BMC Instance?
Follow the steps outlined below to set up a firewall on your Bare Metal Cloud server instance.
Step 1: Deploy a s0.d1.small BMC Instance
1. Log in to the BMC portal with your phoenixNAP credentials. If you are a new client, create a Bare Metal Cloud account.
2. Follow the steps outlined in our tutorial for deploying a new Bare Metal Cloud server and get your server up and running in minutes.
- Click the Select button to choose the s0.d1.small instance in the server configuration step.
Note: If the server instance is unavailable, click the Contact Sales button for more information about availability. If the server instance is available in a different location, the Available Locations button appears, allowing you to choose an alternative server location.
- Select the OS you want for your server and click Next. We’ve chosen Ubuntu Bionic for this tutorial as it is free, open-source, and deploys in around 60 seconds.
3. Use SSH to connect to the new BMC server and set up a firewall.
Connect to the server via SSH using the allocated public IP address:
ssh [email protected][your public IP]
Step 2: Install a Firewall
After deploying the server and connecting to it, install a firewall on your Bare Metal Cloud server. Depending on your preferences, you can use several different firewall solutions, such as UFW or iptables.
For this tutorial, we will use the iptables firewall, which comes preinstalled in most Linux distros, and offers a variety of advanced settings.
You can run the install
command to make sure the firewall is installed:
sudo apt-get install iptables
Note: Install the persistent package to keep iptables firewall rules after rebooting the system. Run: sudo apt-get install iptables-persistent
.
Since this BMC server has iptables already installed, the output shows the version.
Step 3: Set up the Firewall
After installing iptables, define rules for the firewall to improve your network security. Our ultimate iptables tutorial guides you through setting up each rule and appending it to the chain. Before defining the rules, all chains are set to ACCEPT
. As a result, any packet can come through unfiltered.
Run the following command to view the current set of rules on your server:
sudo iptables -L
The steps below show how to define some basic firewall rules and append them to the chain.
1. Define Rules
When you define a rule in iptables it means you are appending it to a chain. The syntax for defining new rules is:
sudo iptables -A [option]
The available options are:
-i
(interface) – Specify a network interface whose traffic you want to filter (e.g., eth0, lo, ppp0, etc.).-p
(protocol) – Specify the network protocol you want to filter (e.g., TCP, UDP, ICMP, ICMPv6, etc.). Specifyingall
chooses every protocol.-s
(source) – Specify an address, hostname, or IP address for incoming traffic.--dport
(destination port) – Define the destination protocol port number (22
for SSH,443
for HTTPS, etc.).-j
(target) – Specify the target name –ACCEPT
,DROP
,RETURN
each time you make a new rule.
Using all the options requires the following order:
sudo iptables -A [chain] -i [interface] -p [protocol (tcp/udp) ] -s [source] --dport [port number] -j [target]
In the following example, we have instructed iptables to keep the SSH connection working as usual and accept connections:
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
The iptables firewall also allows you to filter connections based on an IP address or a range of IP addresses. For example, running the following command instructs iptables to accept connections from the specified IP address:
sudo iptables -A INPUT -s 87.116.140.66 -j ACCEPT
You can check if the rules have been appended by running:
sudo iptables -L -v
2. Save Changes
To prevent losing your iptables rules after a reboot, make sure to save your changes by running:
sudo /sbin/iptables-save
The output lists the rules and saves them.
3. Delete Rules
If you want to start over and define new rules, use the -F
(flush) option:
sudo iptables -F
To delete a specific rule, you need to specify its line number. See all rule line numbers by running:
sudo iptables -L --line-numbers
The output lists all the rules and states their line numbers. Now you can use the following syntax to delete a specific rule:
sudo iptables -D INPUT [rule line number]
For example:
The output shows that only rule number 1 remains after instructing iptables to delete rule number 2.
Why Set Up a Firewall on a s0.d1.small BMC Instance?
There are several benefits to setting up a firewall on a s0.d1.small BMC instance:
- Low cost. The small BMC instance costs only $0.10/h, and it is well suited for a wide variety of workloads, including a firewall. Additionally, the s0 BMC server can also serve as a load balancer, distributing traffic across multiple servers.
- Secure. Improving network security is essential for any business, and the small s0 BMC instance is perfect for setting up a firewall to increase your network infrastructure security. Each BMC server instance also comes with free 20 Gbps DDoS protection.
- Automated. With 20 pre-configured and fine-tuned instances, you can have your server up and running in only a few clicks. Finish setting up your firewall in minutes, and you can focus on your business, which is now safe from network attacks.
Conclusion
By following this tutorial, you should know how to set up a firewall on an s0.d1.small Bare Metal Cloud instance easily and quickly. The small and cheap BMC instance acts as a shield, protecting your business from network threats.
Setting up a Firewall on an s0.d1.small BMC Instance
Setting up a firewall on an s0.d1.small BMC instance is a great way to protect your system from malicious attacks. A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. By setting up a firewall, you can protect your system from unauthorized access, malicious software, and other threats.
Steps to Set Up a Firewall on an s0.d1.small BMC Instance
- Log in to your s0.d1.small BMC instance using SSH.
- Install the UFW (Uncomplicated Firewall) package. This is a user-friendly front-end for managing iptables.
- Configure the firewall rules. This can be done by editing the /etc/ufw/ufw.conf file.
- Enable the firewall. This can be done by running the command “ufw enable”.
- Check the status of the firewall. This can be done by running the command “ufw status”.
- Add additional rules to the firewall. This can be done by running the command “ufw allow [port]/[protocol]”.
- Save the firewall rules. This can be done by running the command “ufw reload”.
By following these steps, you can easily set up a firewall on an s0.d1.small BMC instance. It is important to remember to regularly check the status of the firewall and add additional rules as needed.