← Graph

UFW

tool 3 connections

Host-level firewall configured inside the VM (in addition to the cloud firewall). Strzibny's default policy denies everything and then selectively allows 22 (SSH), 80/443 (HTTP/HTTPS) and the 10.0.0.0/16 private network for intra-VPC traffic, reflecting a defense-in-depth approach.

category
tool
talk Kamal is not harder than your PaaS
about
UFW tool
Host firewall layered with the cloud firewall.
takeaway Layer security in depth on your Kamal VM
about
UFW tool
Named as part of the defense-in-depth stack.
concept cloud-init
related_to
UFW tool
Cloud-init configures UFW inside the VM.

Provenance

Created in
Kamal is not harder than your PaaS — Josef Strzibny at wr... 2026-04-22 08:41
Read by
1 extraction