Build Your Own Personal Web Site Hosting Server

Build A Debian 11 Hosting Server Using Apache, BIND, Dovecot, MariaDb, PureFTPD and ISPConfig

Build a Debian 11 Web Site Hosting Server Using Apache, BIND, Dovecot, MariaDb, PureFTPD and ISPConfig Featuring PHPMyAdmin and RoundCube Web Applications with Multiple PHP Versions

Tutorial 3 Best if viewed by Tablet or Computer
  • Written By:
    Edward Kimmel
  • Published On:
    November 13th, 2022
    9:00 PM
  • Last Updated:
    December 9th, 2022
    9:00 PM

A Tutorial To Build A Debian 11 Web Site Hosting Server Using Apache, BIND, Dovecot, MariaDb, PureFTPD and ISPConfig - Page: 5

By: Edward Kimmel

Secure Your Server Using Firewalld

4.01 Overview

  The default version of the Debian Firewall is not installed automatically when you installed the OS on your computer originally. You must install the required packages from the default repositories. ISPConfig does contain a version of the Bastille firewall but I personally would rather use the firewalld daemon.

4.02 Install Debian Firewalld

  Now to install Debian 11 Firewall (firewalld), just run the following command:

apt install -y firewalld

4.03 Open Used Ports In Debian Firewalld

  Now to Configure Firewall (Firewalld).

  Importantly, the default SSH firewall allows remote users. But if the SSH port changes, you need to allow SSH access to another port. To do this, run the following command:

firewall-cmd --permanent --add-port=2232/tcp

  As you can see in the following commands, you can directly provide service names such as “MySQL”, “FTP”, “DNS”, “HTTP” or “HTTPS” for permission:

firewall-cmd --permanent --add-service=http

firewall-cmd --permanent --add-service=https

firewall-cmd --permanent --add-service=mysql

firewall-cmd --permanent --add-service=ftp

firewall-cmd --permanent --add-service=dns

  As the example previously shown, you can open your mail server ports with the following commands:

Open SMTP Port 25:

firewall-cmd --permanent --add-port=25/tcp

Open SMTP Port 587:

firewall-cmd --permanent --add-port=587/tcp

Open SMTP Secure Port 465:

firewall-cmd --permanent --add-port=465/tcp

Open POP Port 110:

firewall-cmd --permanent --add-port=110/tcp

Open POPS Port 995:

firewall-cmd --permanent --add-port=995/tcp

Open IMAP Port 143:

firewall-cmd --permanent --add-port=143/tcp

Open IMAP3 Port 993:

firewall-cmd --permanent --add-port=993/tcp

Open Cockpit port:

firewall-cmd --permanent --add-port=9090/tcp

You should now update and activate the changes you made:

firewall-cmd --reload

4.04 Don’t Install ISPConfig Bastille Firewall

  Note: Since you are using firewalld as your server’s firewall, during the ISPConfig installation when asked, Configure Firewall Server (y,n) [y]: answer this n or No.

  If you answer [y], ISP Config’s installation will install and enable the Bastille firewall. Running 2 firewalls at the same time will cause problems.