From d18a0645d34c986c7ac0118102b96a5dbbc69ae3 Mon Sep 17 00:00:00 2001 From: devdatt Date: Tue, 17 Jun 2025 21:21:44 +0530 Subject: [PATCH] ufw update --- setup_server/account.urmic.org.sh | 8 ++++++-- setup_server/cdn.urmic.org.sh | 6 +++++- setup_server/stream.urmic.org.sh | 6 +++++- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/setup_server/account.urmic.org.sh b/setup_server/account.urmic.org.sh index 5e34768..1e6b72f 100644 --- a/setup_server/account.urmic.org.sh +++ b/setup_server/account.urmic.org.sh @@ -1,7 +1,7 @@ apt update apt upgrade -y apt autoremove -y -apt install nginx fail2ban -y; +apt install nginx ufw fail2ban -y; apt install php-fpm php-cli php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath -y mkdir /etc/ssl/private; @@ -272,4 +272,8 @@ EOL systemctl restart nginx; systemctl enable fail2ban -systemctl restart fail2ban \ No newline at end of file +systemctl restart fail2ban +ufw default allow outgoing +ufw default deny incoming +ufw allow 80 +ufw allow 443 \ No newline at end of file diff --git a/setup_server/cdn.urmic.org.sh b/setup_server/cdn.urmic.org.sh index 6c4d376..ccef0fd 100644 --- a/setup_server/cdn.urmic.org.sh +++ b/setup_server/cdn.urmic.org.sh @@ -1,7 +1,7 @@ apt update apt upgrade -y apt autoremove -y -apt install nginx fail2ban -y; +apt install nginx ufw fail2ban -y; apt install php-fpm php-cli php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath -y mkdir /etc/ssl/private; @@ -267,3 +267,7 @@ EOL systemctl restart nginx; systemctl enable fail2ban systemctl restart fail2ban +ufw default allow outgoing +ufw default deny incoming +ufw allow 80 +ufw allow 443 \ No newline at end of file diff --git a/setup_server/stream.urmic.org.sh b/setup_server/stream.urmic.org.sh index 7370c25..d0f2d84 100644 --- a/setup_server/stream.urmic.org.sh +++ b/setup_server/stream.urmic.org.sh @@ -1,7 +1,7 @@ apt update apt upgrade -y apt autoremove -y -apt install nginx fail2ban -y; +apt install nginx ufw fail2ban -y; apt install php-fpm php-cli php-mysql php-zip php-gd php-mbstring php-curl php-xml php-pear php-bcmath -y mkdir /etc/ssl/private; @@ -254,3 +254,7 @@ EOL systemctl restart nginx; systemctl enable fail2ban systemctl restart fail2ban +ufw default allow outgoing +ufw default deny incoming +ufw allow 80 +ufw allow 443 \ No newline at end of file