Hello,
I run VPS with public IP with mail and web server on it. I have heard it might be good idea to set up a firewall. So I did these ufw settings, hoping, it will only allow ssh, mail and web related ports. And then rebooted VPS.
So I have tried to test port 26 from remote computer. Port 26 is not on allow list and should be blocked, yes?
And I get this result:
I run VPS with public IP with mail and web server on it. I have heard it might be good idea to set up a firewall. So I did these ufw settings, hoping, it will only allow ssh, mail and web related ports. And then rebooted VPS.
Code:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp (OpenSSH) ALLOW IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
25/tcp ALLOW IN Anywhere
587/tcp ALLOW IN Anywhere # Allow SMTP submission (TLS)
993/tcp ALLOW IN Anywhere # Allow IMAP with SSL/TLS
22/tcp (OpenSSH (v6)) ALLOW IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
25/tcp (v6) ALLOW IN Anywhere (v6)
587/tcp (v6) ALLOW IN Anywhere (v6) # Allow SMTP submission (TLS)
993/tcp (v6) ALLOW IN Anywhere (v6) # Allow IMAP with SSL/TLS
So I have tried to test port 26 from remote computer. Port 26 is not on allow list and should be blocked, yes?
Code:
nc -z -v <IP> 26
Code:
Connection to <IP> 26 port [tcp/*] succeeded!
- Is my approach to allow ssh, mail and web related ports is correct?
- Do I perhaps test it incorrectly?
- Why can I successfully test ports outside of the range of allowed ports?