Add Allow HTTPS Through Your UFW Firewall as a devops til

README.md

@@ -10,7 +10,7 @@ smart people at [Hashrocket](http://hashrocket.com/).
 For a steady stream of TILs from a variety of rocketeers, checkout
 [til.hashrocket.com](https://til.hashrocket.com/).
 
-_678 TILs and counting..._
+_679 TILs and counting..._
 
 ---
 
@@ -98,6 +98,7 @@ _678 TILs and counting..._
 ### Devops
 
 - [Aliasing An Ansible Host](devops/aliasing-an-ansible-host.md)
+- [Allow HTTPS Through Your UFW Firewall](devops/allow-https-through-your-ufw-firewall.md)
 - [Check The Status of All Services](devops/check-the-status-of-all-services.md)
 - [Check The Syntax Of nginx Files](devops/check-the-syntax-of-nginx-files.md)
 - [Determine The IP Address Of A Domain](devops/determine-the-ip-address-of-a-domain.md)

devops/allow-https-through-your-ufw-firewall.md

@@ -0,0 +1,34 @@
+# Allow HTTPS Through Your UFW Firewall
+
+UFW -- Uncomplicated Firewall -- is just what is sounds like. I have it
+running on a DigitalOcean box and it is only letting through traffic on
+ports 80 (HTTP) and 22 (SSH). I am setting up SSL for a domain hosted on
+this box which means I need to also let through traffic on 443 (HTTPS).
+
+The allowed ports can be checked with the `status` command:
+
+```bash
+$ sudo ufw status
+
+Status: active
+
+To                         Action      From
+--                         ------      ----
+OpenSSH                    ALLOW       Anywhere
+Nginx HTTP                 ALLOW       Anywhere
+OpenSSH (v6)               ALLOW       Anywhere (v6)
+Nginx HTTP (v6)            ALLOW       Anywhere (v6)
+```
+
+As we can see, `HTTPS` has not yet been allowed by `ufw`. We can _allow_
+HTTPS traffic with the `allow` command.
+
+```bash
+$ sudo ufw allow https
+```
+
+Check the status again and see that `HTTPS` is now included in the list.
+
+[source](https://www.digitalocean.com/community/tutorials/how-to-setup-a-firewall-with-ufw-on-an-ubuntu-and-debian-cloud-server)
+
+h/t Dillon Hafer