Setting Up UFW to Only Allow HTTP and HTTPS from CloudFlare

If you have a public-facing Ubuntu web server and are using Cloudflare to protect your websites, configuring UFW to only allow connections from CloudFlare will protect your server against malicious requests that bypass DNS entries and go directly to your servers IP address. This decreases your attack surface and forces all traffic through the CloudFlare CDN. Please note: these directions assume that you do NOT already have UFW rules in place that allow inbound traffic to ports 80 or 443 and that you DO already have necessary admin rules in UFW such as 22/SSH. Download the two Cloudflare IP address … Continue reading Setting Up UFW to Only Allow HTTP and HTTPS from CloudFlare