ufw delete deny 22 or sudo ufw delete allow 22.
You can also specify what to do with specific hosts or networks. For example, I can allow SSH
access from a particular IP address by typing sudo ufw allow proto tcp from IPADDRESS to any
port 22 into the terminal.
The logs
Firewall logs help you to recognise attacks, troubleshoot your firewall rules and notice unusual
activity on your network. These aren't automatically generated though, you'll need to turn them on,
which is simple, just type sudo ufw logging on. If you then want to switch them off, you can do so
by typing sudo ufw logging off.
You can find the logs in /var/log/messages, var/log/syslog and /var/log/kern.log.
App Armor
App Armor is a security feature which is built into Ubuntu. It runs silently in the background so you
might not even know it's there and you are even more likely not to know what it's doing.
App Armor allows system administrators to assign each program / process a security profile. This
restricts the capabilities of that program so that it can't cause any damage in the event of a security
vulnerability.
You can view the App Armor status by typing sudo apparmor_status into the terminal. This will let
you see whether App Armor is running on your system and it will also show you the App Armor
profiles that you've installed on the system.
Each of the profiles that you create are able to run in two possible modes - “complain mode” or
“enforce mode”. Enforce mode enforces the rules that have been set for the profile, while complain
mode does not enforce anything, it just logs any violation attempts – this is useful for test systems
to see what kind of errors could be thrown up.
eCryptfs
eCryptfs is a cryptographic filesystem for Ubuntu Server. This layers on top of the file system and
protects your files. You can install eCryptfs by typing sudo apt-get install ecryptfs-utils into the
terminal. You can then choose which partitions you want to encrypt (you can do this by following
the eCryptfs user manual.
Cloudflare
A great third party tool that can help you defend from attacks is Cloudflare. They have provisions to
provide you with SSL certificates and protection from brute force attacks.
Cloudflare specialize in security and site performance, while I do think it is possible to implement
some of the provisions they have on your own server, I don't necessarily see the point as their
service is low cost and very effective.
www.netshock.co.uk