Ugacomp

How to configure iptables to secure Nginx server on Ubuntu

Securing your Nginx server is crucial to ensure the safety of your website or application. One effective way to enhance the security of your server is by configuring iptables, a powerful firewall management tool in Ubuntu. In this guide, we’ll walk through the process of setting up iptables to protect your Nginx server.

Step 1: Install iptables

Before configuring iptables, make sure it is installed on your Ubuntu server. If not, you can install it using the following commands:

sudo apt-get update
sudo apt-get install iptables

Step 2: Define Default Policies

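Start by defining default policies for the INPUT, OUTPUT, and FORWARD chains. The policy decides what happens to traffic that doesn't match any specific rule. If you are working over SSH, add the accept rules from Steps 3 to 5 before running the INPUT DROP command; a DROP policy takes effect at once and cuts off a session that no rule allows.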

sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD DROP

Step 3: Allow Incoming SSH Connections

To maintain remote access to your server, allow incoming SSH connections. Replace your_ip_address with the IP address you connect from; SSH from any other source is dropped by the default policy.

sudo iptables -A INPUT -p tcp --dport 22 -s your_ip_address -j ACCEPT

Step 4: Allow Incoming HTTP and HTTPS Traffic

For Nginx to serve web pages, allow incoming traffic on ports 80 (HTTP) and 443 (HTTPS).

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Step 5: Enable Loopback Interface

Allow traffic on the loopback interface to ensure local applications can communicate with each other.

sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A OUTPUT -o lo -j ACCEPT

Step 6: Save and Apply Rules

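Rules added with iptables live only in memory, so save them to a file that can be restored after a system reboot. Nothing loads /etc/iptables.rules automatically at boot; restore it from a boot-time script, or use a package such as iptables-persistent to handle persistence.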

sudo sh -c "iptables-save > /etc/iptables.rules"

The rules added in the earlier steps are already active. To load the saved file back into the kernel, for example after a reboot, use:

sudo iptables-restore < /etc/iptables.rules
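
The rules from Steps 2 to 5 written as a single iptables-restore file, so the DROP policy and the ACCEPT rules load in one commit and an SSH session is not cut off partway through. This is an added example, not code from the original article; the helper names and the address 203.0.113.10 are assumptions, and the conntrack ESTABLISHED,RELATED rule is an addition so that replies to connections the server itself opens are not dropped.

```shell
#!/bin/sh
# Added example, not the article's code. 203.0.113.10 is a constructed
# documentation address standing in for your_ip_address.

# valid_ipv4 ADDR: succeed only for a dotted-quad IPv4 address, optional /0-32.
# Rejecting anything else keeps stray text out of the generated rule file.
valid_ipv4() {
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' || return 1
    addr=${1%/*}
    prefix=${1#*/}
    [ "$prefix" = "$1" ] || [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
}

# build_rules ADMIN_IP: print the Step 2-5 policy in iptables-restore format.
# The DROP policies and the ACCEPT rules take effect together at COMMIT.
# The conntrack rule is not in the article's steps (added assumption).
build_rules() {
    admin_ip=$1
    if ! valid_ipv4 "$admin_ip"; then
        echo "build_rules: '$admin_ip' is not an IPv4 address" >&2
        return 1
    fi
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp --dport 22 -s $admin_ip -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
COMMIT
EOF
}

# Print the ruleset for the sample address. To parse it without loading it:
#   build_rules 203.0.113.10 | sudo iptables-restore --test
build_rules 203.0.113.10
```

Redirect the output to a file and pass that file to iptables-restore once the --test run succeeds.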

Conclusion

Configuring iptables is an essential step in enhancing the security of your Nginx server on Ubuntu. By following these steps and customizing the rules according to your specific needs, you can establish a robust firewall to protect your server from unauthorized access and potential threats. Regularly review and update your iptables rules to adapt to evolving security requirements.
