What are some basic DO cloud firewall rules for a web server?
I’m running a web server with a few virtual hosts.
I currently only have the ufw firewall, but I’m looking to implement a Digital Ocean cloud firewall.
However, what kind of rules do I need? I’m thinking about these inbound rules and sources:
SSH: public IP of my home network
HTTP: All IPv4, All IPv6
HTTPS: All IPv4, All IPv6
MySQL: public IP of my home network
This seems good, but the outbound rules confuse me.
Outbound rules are meant for things like apt-get? I tried running a Digital Ocean firewall without outbound rules, but my websites didn’t work anymore (or really slow) and the Digital Monitoring didn’t work as well anymore.
What kind of (outbound) rules do I need to secure my web server and keep it running well?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.