I just setup a minecraft server on an old laptop, but to make it acessible i needed to open up a port. Currently, these are the ufw rules i have. when my friends want to connect, i will have them find their public ip and ill whilelist only them. is this secure enough? thanks
`Status: active
To Action From
22/tcp ALLOW Anywhere Anywhere ALLOW my.pcs.local.ip`
also, minecraft is installed under a separate user, without root privlege
More effort than I would consider. I’d just allow all traffic incoming on that port. I’d only consider whitelist if someone was giving me grief. Even then that would be after blacklisting an IP wasn’t solving my problem.
Port 22 is the default SSH port and it receives a TON of malicious traffic any time it’s open to the whole internet. 20 years ago I saw a newly installed server with a weak root password get infected by an IP address in China less than an hour after being connected to the open internet.
With all the bots out there these days it would probably take a lot less time if we ran the same experiment again.
Ha. That’s my bad. I didn’t even read the firewall rules listing 22/SSH. I agree on not opening 22 to the world. It just invites bots throwing passwords at it.
I just read Minecraft in the original post which from reading runs from 25565 which I wouldn’t worry about. If OP needs 22 for admission I’d either whitelist it or use a VPN/Tailscale.