diff --git a/README.md b/README.md index 679b460..bb50312 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ smart people at [Hashrocket](http://hashrocket.com/). For a steady stream of TILs from a variety of rocketeers, checkout [til.hashrocket.com](https://til.hashrocket.com/). -_678 TILs and counting..._ +_679 TILs and counting..._ --- @@ -98,6 +98,7 @@ _678 TILs and counting..._ ### Devops - [Aliasing An Ansible Host](devops/aliasing-an-ansible-host.md) +- [Allow HTTPS Through Your UFW Firewall](devops/allow-https-through-your-ufw-firewall.md) - [Check The Status of All Services](devops/check-the-status-of-all-services.md) - [Check The Syntax Of nginx Files](devops/check-the-syntax-of-nginx-files.md) - [Determine The IP Address Of A Domain](devops/determine-the-ip-address-of-a-domain.md) diff --git a/devops/allow-https-through-your-ufw-firewall.md b/devops/allow-https-through-your-ufw-firewall.md new file mode 100644 index 0000000..221817a --- /dev/null +++ b/devops/allow-https-through-your-ufw-firewall.md 
@@ -0,0 +1,34 @@ +# Allow HTTPS Through Your UFW Firewall + +UFW -- Uncomplicated Firewall -- is just what is sounds like. I have it +running on a DigitalOcean box and it is only letting through traffic on +ports 80 (HTTP) and 22 (SSH). I am setting up SSL for a domain hosted on +this box which means I need to also let through traffic on 443 (HTTPS). + +The allowed ports can be checked with the `status` command: + +```bash +$ sudo ufw status + +Status: active + +To Action From +-- ------ ---- +OpenSSH ALLOW Anywhere +Nginx HTTP ALLOW Anywhere +OpenSSH (v6) ALLOW Anywhere (v6) +Nginx HTTP (v6) ALLOW Anywhere (v6) +``` + +As we can see, `HTTPS` has not yet been allowed by `ufw`. We can _allow_ +HTTPS traffic with the `allow` command. + +```bash +$ sudo ufw allow https +``` + +Check the status again and see that `HTTPS` is now included in the list. + +[source](https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server) + +h/t Dillon Hafer
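Review bot: In the new devops/allow-https-through-your-ufw-firewall.md, the closing line "Check the status again and see that `HTTPS` is now included in the list" is not backed by any output, and the new row will not look like the existing ones. The status table shown lists application profiles (`OpenSSH`, `Nginx HTTP`), while `sudo ufw allow https` adds a rule by service name, which ufw reports by port (443) rather than under an `HTTPS` label. Suggest pasting the post-change `sudo ufw status` output so readers know which row to look for, or using the matching application profile to stay consistent with the existing `Nginx HTTP` rule (the nginx package on Ubuntu also ships `Nginx HTTPS` and `Nginx Full` profiles, and `sudo ufw app list` shows what is available on the box). If port 80 is only kept for redirects after SSL is set up, it is worth saying so, since the TIL leaves it open. Separately, in the first paragraph, "is just what is sounds like" should read "is just what it sounds like".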