Nagios Server/Router Monitoring

Archive for October, 2009

Virtual Users
If you create user accounts on a server, and then allow people to log on to the FTP server under those accounts, there’s a chance that some hacker could find a way out of the chroot jail. That would allow him to access areas of the file system where he has no authorization, and [...]

Chroot Jail for FTP Users
One concern when users FTP into your server is that, by default, users who have accounts can roam your server and view the contents of files. By default, VSFTPD does not allow user logins; it allows anonymous logins. Anonymous users are, by default, locked into the directory that they log in to. [...]

When you are using an FTP server, you can connect using either Active or Passive connections. Each has advantages and disadvantages. When you set up FTP, in this example using VSFTPD, you need to make this connection decision. Active connections are safest for the server but at times may not work for some clients. [...]

ufw Firewall
UFW, or Uncomplicated Firewall, is a text-based firewall that works with iptables. UFW is designed to be an easier way to manage a firewall from the command line. Whether this is easier than learning iptables or not, you can decide. But UFW comes partially set up when you install Ubuntu. Now it [...]

UFW Mechanics
Now that you have some security set up, it is time to see how it all works. The easiest method is to allow everyone access to a specific port. For example, if you wanted to allow everyone access to your web server on port 80, you could run this command:
sudo ufw [...]

Add Profiles
You can now add profiles to the rules that you want to use. Ubuntu has created several default profiles, so you can add those profiles for the applications that you want to use.
sudo ufw allow Apache
Rule added
sudo ufw status
Status: active
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       192.68.5.0/24
Apache                     ALLOW       Anywhere
iptables -L [...]