I have the following rules on our server within UFW:
    To                         Action      From
    --                         ------      ----
    22                         ALLOW       217.22.12.111
    22                         ALLOW       146.200.200.200
    80                         ALLOW       Anywhere
    443                        ALLOW       Anywhere
    22/tcp                     ALLOW       109.104.109.0/26
The first two rules are our internal IPs, which we want to ensure can always SSH in (port 22). The next two rules are to allow HTTP and HTTPS viewing from any IP address anywhere. The final rule is to allow SSH from our code deployment system.
I set a ufw default deny rule up but it doesn't appear to be showing. Should I also have a final rule which denies everything?
If I add a deny-everything rule, does the order the rules appear above make a difference? Presumably, if this list gets longer, adding another allow rule above a deny rule is impossible, meaning I'll have to remove and re-add some rules?