ufw post changes

_drafts/2025-01-01-a-beginners-guide-to-ufw.md

@@ -31,78 +31,78 @@ UFW is a user-friendly interface for managing iptables, designed to simplify the
 Most modern Linux distributions come with UFW pre-installed. If it’s not already on your system, you can install it with the following commands:
 
 For Ubuntu/Debian:
-```console
+```sh
 sudo apt update
 sudo apt install ufw
 ```
 For CentOS/RHEL:
-```console
+```sh
 sudo yum install epel-release
 sudo yum install ufw
 ```
 For Arch Linux:
-```console
+```sh
 sudo pacman -S ufw
 ```
 ## Basic UFW Commands
 ### Enable UFW
 Before configuring UFW, you need to enable it:
-```console
+```sh
 sudo ufw enable
 ```
 ### Check UFW Status
 To see whether UFW is running and view current rules:
-```console
+```sh
 sudo ufw status
 ```
 ### Allowing connections
 To allow traffic on a specific port, use the `allow` command. For example, to allow SSH connections:
-```console
+```sh
 sudo ufw allow ssh
 ```
 Or, specify the port number:
-```console
+```sh
 sudo ufw allow 22
 ```
 ### Denying Connections
 To block traffic on a specific port:
-```console
+```sh
 sudo ufw deny 80
 ```
 ### Removing Rules
 To delete a rule, prepend the rule with `delete`. For example:
-```console
+```sh
 sudo ufw delete allow 22
 ```
 ### Resetting UFW
 To reset UFW to its default state, removing all rules:
-```console
+```sh
 sudo ufw reset
 ```
 ## Advanced Usage
 ### Limiting Connections
 To protect against brute-force attacks, you can limit connections by using `limit` rule in UFW. This rule restricts the rate of new connections from the same IP address, allowing only a limited number of connections per minute (default: 6 attempts within 30 seconds). You can adjust these values by modifying the UFW configuration files, typically found in `/etc/ufw/` or `/etc/ufw/ufw.conf`, or by customizing rate limits using iptables rules directly. within a specified time frame. For instance, to limit SSH attempts, you can execute:
-```console
+```sh
 sudo ufw limit ssh
 ```
 This helps to deter malicious actors trying to gain unauthorized access to your system by repeatedly guessing passwords or exploiting vulnerabilities.
 ### Allowing Specific IP Addresses
 To allow traffic from a specific IP address:
-```console
+```sh
 sudo ufw allow from 192.168.0.100
 ```
 Allowing Traffic to a Specific Port and IP
 For more granular control, you can specify both source IP and destination port:
-```console
+```sh
 sudo ufw allow from 192.168.0.100 to any port 22
 ```
 ### Using Application Profiles
 UFW supports application profiles to simplify rule management for common services. List available profiles with:
-```console
+```sh
 sudo ufw app list
 ```
 To allow a specific application, UFW provides predefined profiles for commonly used software and services. These profiles encapsulate the necessary port and protocol details, simplifying firewall configuration. For instance, to permit traffic for an application like Apache, you can execute:
-```console
+```sh
 sudo ufw allow 'Apache Full'
 ```
 This command enables both HTTP (port 80) and HTTPS (port 443) traffic, as defined in the application profile.
@@ -110,7 +110,7 @@ This command enables both HTTP (port 80) and HTTPS (port 443) traffic, as define
 ## Best Practices
 1. **Start with Defaults:** UFW's default policy denies incoming traffic and allows outgoing traffic, a good starting point for most setups.
 2. **Enable Logging:** Turn on logging to monitor blocked traffic:
-```console
+```sh
 sudo ufw logging on
 ```
 3. **Test Rules:** Before applying complex rules on a production system, test them in a safe environment.