UFW (Ubuntu):
-
Default deny:
sudo ufw default deny incoming
-
Allow necessary ports:
sudo ufw allow ssh
-
Enable UFW:
sudo ufw enable
Firewalld (CentOS):
-
Start:
sudo systemctl start firewalld
-
Default zone:
sudo firewall-cmd --set-default-zone=public
-
Allow SSH:
sudo firewall-cmd --permanent --add-service=ssh
-
Reload:
sudo firewall-cmd --reload
Proper firewall rules help control who can access your VPS and how.