On Fri, 17 Apr 2015 18:45:27 +0100 Paul Grenyer paul@nakedelement.co.uk allegedly wrote:
Hi All
I've a service running on port 8983 of an ubuntu Digital Ocean droplet. In front of that I've got Apache web server forwarding from port 80.
It seams that Digital Ocean droplets don't have any security, which obviously isn't great for production. I'd like to secure my server ready for production, but I'm not really sure where to start.
I'm assuming I at least need to block access to all ports except 80 and the SSH port, but I don't know how. What else do I need to do?
Paul
I have three VPS at DO. You are correct - they are wide open by default. I wrote a blog post[1] back in 2012 which may help. Happy to discuss if you like.
Mick
[1] https://baldric.net/2012/09/09/iptables-firewall-for-servers/
---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------