Zimbra Firewall Configuration with ufw for Ubuntu

Windows Articles

How to install OpenLiteSpeed on Ubuntu 20.04?

There are several web servers for Linux but other alternatives are always welcome. In this case, I will show you how to...

Linux 5.7 available

Time passes very quickly and we already have a new version of the Linux kernel that as always we are happy because...

How to install RStudio on Ubuntu 20.04 / 18.04

No matter how complete and robust a programming language is, the programmer will always need a tool to write the code. These programs have...

How to install Arduino IDE on Ubuntu 20.04 / 18.04 / Linux Mint 19.X?

Hi, folks. In this post, we will show you how to install Arduino IDE on Ubuntu 20.04/ 18.04 and Linux mint 19.x. You probably already...

How To Install Icinga 2 on Ubuntu 20.04

Today we are going to learn that how to Install Icinga 2 on Ubuntu 20.04. Before going to the installation process let's...

Previously we had cover the Installation of Zimbra Collaboration on Ubuntu 18.04. Today, we will go through the Firewall configuration with ufw for Ubuntu 18.04.

Installing UFW on Ubuntu

Install the UFW on Ubuntu by executing the command as

sudo apt-get update && sudo apt-get -y install ufw

Configure Zimbra Firewall usign UFW

Because of recent Memcache amplification attacks for UDP ports, we won’t enable udp port as it will cause serious problems. Due to this reason we will use only tcp ports which is protected from these.

Because we need an application profile for UFW, so let’s create this profile as:

sudo nano /etc/ufw/application.d/zimbra

Then add the following lines

[Zimbra]
title=Zimbra Collaboration Server
description=Open source server for email, contacts, calendar, and more.
ports=22,25,80,110,143,161,389,443,465,514,587,993,995,7071,8443,11211/tcp

After that enable app profile on ufw

sudo ufw allow Zimbra
sudo ufw enable

Then add ssh port as

sudo ufw allow ssh

To make any changes to the Zimbra profile, update it using:

$ sudo ufw app update Zimbra
Rules updated for profile 'Zimbra'
Skipped reloading firewall

Because for a single server installation, Memcache is not used outside the local server, consider binding it to the loopback ip address. So, use the commands:

sudo su - zimbra
zmprov ms zmhostname zimbraMemcachedBindAddress 127.0.0.1
zmprov ms zmhostname zimbraMemcachedClientServerList 127.0.0.1

Then restart Memcache services.

sudo su - zimbra -c "zmmemcachedctl restart"

Restricting Access to Admin dashboard

As it is a good practice to always restrict access to port 7071 to a trusted network or IP, so do it by typing:

$ sudo ufw allow from 192.168.1.10 to any port 7071
$ sudo ufw allow from 192.168.1.0/24 to any port 7071

So, this is how you can configure your Zimbra Server with firewall using ufw on Ubuntu 18.04 LTS.

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

How to install OpenLiteSpeed on Ubuntu 20.04?

There are several web servers for Linux but other alternatives are always welcome. In this case, I will show you how to...

Linux 5.7 available

Time passes very quickly and we already have a new version of the Linux kernel that as always we are happy because...

How to install RStudio on Ubuntu 20.04 / 18.04

No matter how complete and robust a programming language is, the programmer will always need a tool to write the code. These programs have...

How to install Arduino IDE on Ubuntu 20.04 / 18.04 / Linux Mint 19.X?

Hi, folks. In this post, we will show you how to install Arduino IDE on Ubuntu 20.04/ 18.04 and Linux mint 19.x. You probably already...

How To Install Icinga 2 on Ubuntu 20.04

Today we are going to learn that how to Install Icinga 2 on Ubuntu 20.04. Before going to the installation process let's...