Hardening MiaB server with UFW mimicking Cloudflare's WAF?

Continuing the discussion from Adding Cloudflare CDN to a website using MIAB as its mail server:

As much I would like to have Cloudflare take care of everything, keeping it up to date would be a pain, and I like to know what is going on. With the preinstalled and configured ufw, that is not case, we are in control and its installed with MiaB.

I have always resisted going down the Cloudlfare rabbit hole just to get their reverse proxy nameservers. But as it relates to MiaB I would never consider Cloudflare. MiaB does such a brilliant job of managing the DNS, and you can always add some rules to UFW to deny access to all IPs other than the VPS and public IPs whitelisted.

So if I can mimic Cloudflare’s “Bots Fight Mode” then there would be less reason to look at CF. If someone has done something similar and can share their rules for common bots/crawlers/spiders, I would sure appreciate it.

I know the rules of the forum and I really dont want you to take this the wrong way… but dont you think that its a little crazy to think that something the MIAB project or one person cobbles together can outpreform cloudflare? I mean, there’s a reason they sell their stuff to people… because they are good at what they do.

Personally I use cloudflare for domain name registration and dns and I can’t be happier.

I’m not even sure “what would be a pain” to keep up-to-date? The DNS records that are manually copied over from MiaB? How many changes are you really doing?

Most of MiaB users dont put any layer of protection in front of it and are fine… The project does a decent job at it, adding Cloudflare would be “extra”

Anyways, My 2 cents.

I’m not trying to be a jerk. Just thought a bit of constructive criticism would be “friendly”

2 Likes

No that’s fine, thank you for your friendly “constructive criticism”.

Upon reading past threads on Slack about using Cloudflare with MiaB, it has been answered many times with a caveat–you are on your own with DNS on Cloudflare. I am echoing what I have read. Personally I don’t have a problem copying and pasting DNS records to Cloudflare and let them handle nameservers and reverse proxy.

OK, so that’s the first time I have heard that in the forums. The project is really well thought out, I agree. I also use Cloudflare for what they are really good at, but will leave MiaB as it is. Thank you for your 2 cents :smiley:

This topic was automatically closed 40 days after the last reply. New replies are no longer allowed.