R. Cybersecurity best practices and reinforcement

Bogdan Tudorache edited this page Mar 14, 2021 · 22 revisions

Disclaimer! This article is under construction. Please bear with me as I gather my thoughts on paper.

In the previous chapter we discussed the perils of the World Wide Web as discovered on my very own web server. Now we will extend that chapter with the best practices for staying safe and how to reinforce them.

In the noon of this pandemic and of ever-present lockdowns, cybersecurity risk discoveries and attacks have risen. People are staying indoors more, and hackers are too, definitely thriving and getting ever more creative in terms of automation, penetration methods and code complexity. Nobody is safe, and at the increasing rate of technology development I do foresee a slowdown in these maleficent/malevolent/ill intentions.

Just to get an idea of how bad things are and why cybersecurity is a mission-critical and detrimental business, I recommend that you read this report on 2020 statistics.

The most shocking one I found was this comment from the FBI: "Since the pandemic began, the FBI reported a 300% increase in reported cybercrimes."

But enough with the chit chat, let's get down to business!

A. Firewall

  • What is a firewall?

  • Cisco: A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules. Firewalls have been a first line of defense in network security for over 25 years.

    They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.

    A firewall can be hardware, software, or both.

I'm not going to go into details, as there are tons of articles online about what firewalls are and how they can help you. What I am going to mention is that you can also use firewalls to restrict access to certain IPs, routes or people, and that is exactly what I did.

Uncomplicated Firewall (UFW)

UFW is a front-end to iptables. Its main goal is to make managing your firewall drop-dead simple and to provide an easy-to-use interface. It’s well-supported and popular in the Linux community—even installed by default in a lot of distros. As such, it’s a great way to get started securing your server.

a. Installing UFW

$ sudo apt-get install ufw

b. Enable UFW

$ sudo ufw enable

c. Check status

$ sudo ufw status

d. Adding rules

I only want to add rules that allow traffic to Apache and from my internal IP address.

$ sudo ufw allow 'Apache'

$ sudo ufw allow from 192.168.1.21 to any port 22 proto tcp

e. Verifying your configuration

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
Apache                     ALLOW       Anywhere                  
Anywhere                   ALLOW       192.168.1.21              
22/tcp                     ALLOW       192.168.1.21              
Apache (v6)                ALLOW       Anywhere (v6)  
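
An added example, not part of the original page: a small POSIX shell function that audits `ufw status` output for overly broad rules, run here on the output shown above. The function names, the finding strings and the default SSH port of 22 are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): audit `ufw status` output.
# Reads the status text on stdin, prints one finding per line and
# returns 1 if anything was flagged. $1 = SSH port (assumed 22).
audit_ufw_status() {
    awk -F'  +' -v ssh="${1:-22}" '
        { sub(/[ \t]+$/, "") }            # drop trailing column padding
        /^Status:/ {
            if ($0 != "Status: active") { print "FAIL firewall not active"; n++ }
            next
        }
        /^--/ { rules = 1; next }         # separator row: rules follow
        !rules || NF < 3 { next }         # header, blank or malformed line
        $2 !~ /^(ALLOW|LIMIT)/ { next }   # only rules that let traffic in
        {
            to = $1; from = $3
            sub(/ \(v6\)$/, "", to); sub(/ \(v6\)$/, "", from)
        }
        # "Anywhere" in the To column means every port is reachable.
        to == "Anywhere" { print "WARN all ports open to " from; n++ }
        # SSH should be limited to known sources, as in step d.
        (to == ssh || to == ssh "/tcp" || to == "OpenSSH") && from == "Anywhere" {
            print "FAIL SSH open to any source"; n++
        }
        END { exit (n > 0) }
    '
}

# The status output from step e, copied from this page.
sample_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
Apache                     ALLOW       Anywhere
Anywhere                   ALLOW       192.168.1.21
22/tcp                     ALLOW       192.168.1.21
Apache (v6)                ALLOW       Anywhere (v6)
EOF
}

sample_status | audit_ufw_status || echo "review the findings above"
```

On the page's output it flags the `Anywhere ALLOW 192.168.1.21` row, which opens every port to that host and makes the 22/tcp rule redundant. On a remote server, add the SSH rule before `ufw enable`, because UFW's default policy denies incoming connections.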

Additional resources

Quick and dirty from Digital Ocean

More commands


**Congrats, you're done!**

Conclusion

We have learned about We have also learned about Finally, we went over how the

If you hit a problem or have feedback (which is highly welcomed) please feel free to get in touch, more details in the footer.

Contact:

🔗🌳 All-in-One
