ufw防火牆自架dns主機

文章由 **Brave Ye** » 2026-04-01, 20:31

再設定ufw規則

# 1. Set default policies to deny incoming, allow outgoing
sudo ufw default deny incoming
sudo ufw default allow outgoing

# 2. Allow necessary services (HTTP/HTTPS)
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# 3. Allow DNS (UDP & TCP for queries)
sudo ufw allow 53

# 5. Enable UFW
sudo ufw enable

# 6. Verify rules
sudo ufw status verbose

從server world 上設定Debian 13
再裝dns bind9

代碼: 選擇全部

 apt -y install bind9 bind9utils

nano /etc/default/named

代碼: 選擇全部

#
# run resolvconf?
#RESOLVCONF=no
# startup options for the server
#改下面這一行
OPTIONS="-u bind -4"

nano /etc/resolv.conf
例如我的ip是123.240.180.243

代碼: 選擇全部

# Generated by NetworkManager
nameserver 123.240.180.243
#一定要設下面這行
nameserver 8.8.8.8

並開機啟動named服務

代碼: 選擇全部

systemctl enable named

代碼: 選擇全部

systemctl restart named

接下來用Debian安裝mediawiki來安裝apache2 php mysql(也就是mariadb)
viewtopic.php?p=3808
接下來設定 apache2 的 ssl 傳輸加密
viewtopic.php?t=3902&sid=e051ab242bfc9a ... 0beb282da0