Skip to content
  • Bitcoin accepted
  • MMonero accepted
  • DMCA-resilient
  • Anonymous signup
  • ΞEthereum accepted
  • No KYC
  • 99.99% uptime
  • 24/7 support
  • 7-day money-back
  • Provisioned in < 5 min
  • Iceland · Switzerland · Netherlands
  • USDT accepted
Bitcoin accepted. Monero accepted. DMCA-resilient. Anonymous signup. Ethereum accepted. No KYC. 99.99% uptime. 24/7 support. 7-day money-back. Provisioned in under 5 minutes. Iceland, Switzerland, Netherlands. USDT accepted.
SilentHosts
Get started
Security3 min readUpdated 2026-04-30

Firewall basics with ufw

Default-deny inbound, allow only what you need. Standard ufw rules for a typical web VPS.

ufw is a friendly wrapper around iptables/nftables. The right starting policy: deny all inbound by default, allow only the ports your services need.

Install ufw

apt install ufw -y    # Ubuntu/Debian
dnf install ufw -y    # AlmaLinux/Rocky

Set the default policies

ufw default deny incoming
ufw default allow outgoing

Allow your SSH port FIRST

Before enabling the firewall, allow your SSH port — otherwise you lock yourself out:

ufw allow 22222/tcp

Allow web traffic

If you're running a web server:

ufw allow 80/tcp
ufw allow 443/tcp

Enable

ufw enable
ufw status verbose

The last command shows your full ruleset. Keep it clean — every open port is attack surface.

Related articles

Harden SSH on your offshore VPS

Disable password auth, enforce keys, change the port, restrict source IPs, and rate-limit attempts.

Read

Set up fail2ban in 5 minutes

Auto-ban IPs that fail too many SSH login attempts. The single highest-ROI security tool for VPS.

Read
All articlesStill stuck? Open a ticket

Deploy your first offshore server in 60 seconds.

Anonymous signup. Bitcoin & Monero accepted. Provisioned across 8 jurisdictions.

Get startedTalk to sales

No credit card required · 7-day money-back guarantee