Install Uncomplicated Firewall and configure rules.
- Default policy to deny all incoming connections (except SSH port).
- Debian
A list of UFW rules. Each rule's parameters are passed to the ufw module as-is.
ufw_rules:
- comment: "Expose http port."
rule: "allow"
port: 80
direction: "in"
from: "any"
proto: "tcp"
- comment: "Expose https port."
rule: "allow"
port: 443
direction: "in"
from: "any"
proto: "tcp"