Reviews (0)
No reviews yet. Be the first to review this listing.
Write a review
Is this your business?
About
Uncomplicated Firewall is a program for managing a netfilter firewall designed to be easy to use.
Installing UFW on UbuntuInstall the UFW on Ubuntu by executing the command as :
sudo apt-get update && sudo apt-get -y install ufw
Configure Zimbra Firewall usign UFWBecause of recent Memcache amplification attacks for UDP ports, we won’t enable udp port as it will cause serious problems. Due to this reason we will use only tcp ports which is protected from these.
We need an application profile for UFW, so let’s create this profile as:
sudo nano /etc/ufw/application.d/zimbra
Then add the following lines
[Zimbra]
title=Zimbra Collaboration Server
description=Open source server for email, contacts, calendar, and more.
ports=22,25,80,110,143,161,389,443,465,514,587,993,995,7071,8443,11211/tcp
After that enable app profile on ufw
sudo ufw allow Zimbra
sudo ufw enable
Then add ssh port as
sudo ufw allow ssh
To make any changes to the Zimbra profile, update it using:
$ sudo ufw app update Zimbra
Rules updated for profile 'Zimbra'
Skipped reloading firewall
Because for a single server installation, Memcache is not used outside the local server, consider binding it to the loopback ip address. So, use the commands:
sudo su - zimbra
zmprov ms zmhostname zimbraMemcachedBindAddress 127.0.0.1
zmprov ms zmhostname zimbraMemcachedClientServerList 127.0.0.1
Then restart Memcache services.
sudo su - zimbra -c "zmmemcachedctl restart"
Restricting Access to Admin dashboardAs it is a good practice to always restrict access to port 7071 to a trusted network or IP, so do it by typing:
$ sudo ufw allow from 192.168.1.10 to any port 7071
$ sudo ufw allow from 192.168.1.0/24 to any port 7071
So, this is how you can configure your Zimbra Server with firewall using ufw on Ubuntu 18.04 LTS.
sudo apt-get update && sudo apt-get -y install ufw
Configure Zimbra Firewall usign UFWBecause of recent Memcache amplification attacks for UDP ports, we won’t enable udp port as it will cause serious problems. Due to this reason we will use only tcp ports which is protected from these.
We need an application profile for UFW, so let’s create this profile as:
sudo nano /etc/ufw/application.d/zimbra
Then add the following lines
[Zimbra]
title=Zimbra Collaboration Server
description=Open source server for email, contacts, calendar, and more.
ports=22,25,80,110,143,161,389,443,465,514,587,993,995,7071,8443,11211/tcp
After that enable app profile on ufw
sudo ufw allow Zimbra
sudo ufw enable
Then add ssh port as
sudo ufw allow ssh
To make any changes to the Zimbra profile, update it using:
$ sudo ufw app update Zimbra
Rules updated for profile 'Zimbra'
Skipped reloading firewall
Because for a single server installation, Memcache is not used outside the local server, consider binding it to the loopback ip address. So, use the commands:
sudo su - zimbra
zmprov ms zmhostname zimbraMemcachedBindAddress 127.0.0.1
zmprov ms zmhostname zimbraMemcachedClientServerList 127.0.0.1
Then restart Memcache services.
sudo su - zimbra -c "zmmemcachedctl restart"
Restricting Access to Admin dashboardAs it is a good practice to always restrict access to port 7071 to a trusted network or IP, so do it by typing:
$ sudo ufw allow from 192.168.1.10 to any port 7071
$ sudo ufw allow from 192.168.1.0/24 to any port 7071
So, this is how you can configure your Zimbra Server with firewall using ufw on Ubuntu 18.04 LTS.
Reviews (0)
No reviews yet. Be the first to review this listing.
Write a review
Contact
Views
406
Listed
Jun 2021