فعال‌سازی اضافه ترافیک
این امکان در دست توسعه است.
با آپدیت بعدی اضافه خواهد شد.
Firewall Rules

Please follow these instructions to enable the firewall on your server:

  1. Login to your server via Putty or any other software.
  2. Basic instructions to block all connections to the server and allow the necessary ones
    3. # Reset UFW to default

sudo ufw reset

# Set default policies to deny all incoming and outgoing traffic

sudo ufw default deny incoming
sudo ufw default deny outgoing

# Allow essential web traffic

sudo ufw allow in 80/tcp  # HTTP
sudo ufw allow out 80/tcp
sudo ufw allow in 443/tcp  # HTTPS
sudo ufw allow out 443/tcp

# Allow SSH

sudo ufw allow in 22/tcp  # SSH
sudo ufw allow out 22/tcp

# Enable UFW

sudo ufw enable
  3. You can allow any port you want with this command. Let's say you changed your SSH port to 2233, then you should allow it
    4. sudo ufw allow in 2233/tcp
  4. If you're using a VPN service and want to allow the most important ports
    5. # Allow WhatsApp, Telegram, and Facebook Messenger, etc.

sudo ufw allow in 5222/tcp
sudo ufw allow out 5222/tcp
sudo ufw allow in 3478/udp
sudo ufw allow out 3478/udp
sudo ufw allow in 3479/udp
sudo ufw allow out 3479/udp
sudo ufw allow in 45395/udp
sudo ufw allow out 45395/udp
sudo ufw allow in 50318/udp
sudo ufw allow out 50318/udp
sudo ufw allow in 59234/udp
sudo ufw allow out 59234/udp
sudo ufw allow in 5223/tcp
sudo ufw allow out 5223/tcp
sudo ufw allow in 843/tcp
sudo ufw allow out 843/tcp
sudo ufw allow in 5000/udp
sudo ufw allow out 5000/udp
sudo ufw allow in 5001/udp
sudo ufw allow out 5001/udp
  5. The most important command to avoid Network/Port scan, block these IP ranges:
    6. # Block the IP ranges to avoid port scans

sudo ufw deny in from 10.0.0.0/8
sudo ufw deny out to 10.0.0.0/8
sudo ufw deny in from 172.0.0.0/8
sudo ufw deny out to 172.0.0.0/8
sudo ufw deny in from 192.0.0.0/8
sudo ufw deny out to 192.0.0.0/8
sudo ufw deny in from 102.0.0.0/8
sudo ufw deny out to 102.0.0.0/8
sudo ufw deny in from 168.0.0.0/8
sudo ufw deny out to 168.0.0.0/8
  6. To block email ports to avoid SPAM, it's very important
    7. sudo ufw deny in 25
sudo ufw deny out 25
sudo ufw deny in 465
sudo ufw deny out 465
sudo ufw deny in 587
sudo ufw deny out 587
کنسول سرور