search

littlebizzy / slickstack

Lightning-fast WordPress on Nginx
https://slickstack.io
GNU General Public License v3.0
624 stars 113 forks source link

Consider replacing UFW firewall with basic iptables rules #181

Open jessuppi opened 1 year ago

jessuppi commented 1 year ago

A user on our Discord server suggested replacing UFW firewall with basic iptables could improve the simplicity and reliability of the configuration process.

I'm not sure if this would be a good idea or not, but it's certainly something we should consider.

Configuring UFW has been a challenge in SlickStack for a long time...

skygunner commented 1 year ago

How about csf. ufw doesn't support block a country's ip via country code.

jessuppi commented 5 months ago

@skygunner Thanks for the feedback, I don't thinks CSF is in the Ubuntu apt packages. And for stability reasons, SlickStack has always used the default/LTS packages available.

Plus, personally I'm just not a fan of bundling massive lists of constantly changing IP ranges. I think that's one of the features that really belongs on a WAF like Cloudflare, it's something that large companies can maintain much better than a small team... actually I don't even think CSF has any public GitHub repo either.