I have a box is running very well and I followed one of the instructions to install MIAB on YouTube with AWS Lightsail. However, when I check the log. I noticed there are lots of different strange IP tried to access my server.
Based on the YouTube guide - We will open all TCP & UDP port from 0 - 65,535.
Based on the ports to open post. We will open ports: 22, 25, 53, 80, 443, 993, 995, 4190 for TCP only.
So I tried to allow only those ports above. Unfortunately, After I did that my MIAB server could not running anymore. Then, I have to reopen all the port for both TCP and UDP.
Could someone please guide me which ports should be open for safety and security?
Port 53 is opened to both protocols. This is your culprit. And you also missed port 587
You stated that you are seeing a lot of attempts to access your server in the logs … many sysadmins will change the default ssh port (22) to a non-standard port. The reasoning for this is that most bots will simply move on to a different IP if port 22 is closed.