Howto setup iptables for www and db(mysql) on linux

August 24th, 2009

Since I provide fully managed hosting services to my select clients, I’ve set up iptables more times than I can count. After a while I have the tendency to automate common tasks. In the case of setting up iptables, it can easily be done by downloading and running a shell script. So I created these two shell scripts, each targeting a specific server usage: one for WWW servers and the other for dedicated DB servers.

Here are a few assumptions:

  • Using a Linux server
  • Has iptables installed and running
  • You have root access to the server (or enough privileges to run these commands)
  • Not a must, but I only tested these scripts on a CentOS server (and many of them…)
  • You know what you are doing!

The scripts simply clear the current iptables settings (including any rules already in place), add open ports as necessary, and restart the iptables service. For WWW, the script opens ports 22, 80, and 443 (SSL). For MySQL, it opens ports 22 and 3306, and if you wish you can uncomment a line in the script to restrict access to a specific set of IPs. On a dedicated DB server you may want only the corresponding WWW server to be able to access the MySQL server. Here are the steps, divided by the type of server:

Setting iptables on a WWW server:

wget http://www.activoinc.com/downloads/iptables-www
chmod +x iptables-www
./iptables-www

Setting iptables on a MySQL server:

wget http://www.activoinc.com/downloads/iptables-mysql
chmod +x iptables-mysql
./iptables-mysql

Note: there is absolutely no warranty that this will work, it is provided with the sole hope that it may save you a few minutes or a couple of hours.
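
To show what a ruleset of this kind looks like, including the "only the WWW server may reach MySQL" restriction, here is an added example. It is not the downloadable scripts from this post; the function names, the default-DROP policy, the conntrack matching and the 192.0.2.x addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: NOT the iptables-www / iptables-mysql scripts from this post.
# build_rules prints an iptables-restore ruleset for one of the two roles.
#   build_rules www
#   build_rules mysql [SOURCE_IPV4_OR_CIDR ...]   # e.g. the WWW server's IP
# Assumptions: default-DROP INPUT policy, IPv4 only, conntrack state matching.

allow_tcp() {   # $1 = port, $2 = optional source address
    if [ -n "$2" ]; then
        printf '%s\n' "-A INPUT -p tcp -s $2 --dport $1 -m conntrack --ctstate NEW -j ACCEPT"
    else
        printf '%s\n' "-A INPUT -p tcp --dport $1 -m conntrack --ctstate NEW -j ACCEPT"
    fi
}

build_rules() {
    role=$1
    [ $# -gt 0 ] && shift
    case "$role" in
        www|mysql) ;;
        *) echo "unknown role: $role" >&2; return 1 ;;
    esac
    # Validate sources before printing anything, so a bad argument can never
    # end up as extra rule text in a half-written ruleset.
    for src in "$@"; do
        case "$src" in
            ''|*[!0-9./]*) echo "bad source address: $src" >&2; return 1 ;;
        esac
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' ':OUTPUT ACCEPT [0:0]'
    printf '%s\n' '-A INPUT -i lo -j ACCEPT'
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    allow_tcp 22                      # SSH stays reachable in both roles
    if [ "$role" = www ]; then
        allow_tcp 80
        allow_tcp 443
    elif [ $# -eq 0 ]; then
        allow_tcp 3306                # unrestricted, like the default described above
    else
        for src in "$@"; do allow_tcp 3306 "$src"; done
    fi
    printf '%s\n' COMMIT
}
```

Check the output with `build_rules mysql 192.0.2.10 | iptables-restore --test` before loading it for real; 192.0.2.10 is a placeholder for the WWW server's address.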
