I started to create my very own website. I originally had it on a raspberry pi 3b but upgraded to an optiplex 9020 usff , 1tb SSD, 8gb ddr3 running Ubuntu Server LTS

I’ve spent more time on the backend than actually designing my site because I’m worried about security. This website and server will only be accessible within my network. So I’d like to know if the ufw rules I set up are a good start.

ufw default deny incoming

ufe default allow outgoing

ufw allow from 192.168.1.0/24 to any port 22 proto tcp

ufw allow from 192.168.1.0/24 to any port 80,443 proto tcp
ufw limit 22/tcp

I’ve also installed fail2ban.

I’ve also managed to install webmin, but I also want to install cockpit, grafana, Prometheus, loki, and promtail but I don’t want to overwhelm myself.

My optiplex sits beside my router while I ssh from my laptop and work on it. Any recommendations for securing my server or monitor it would be very helpful as chatgpt is the only teacher I have until I stumbled on this subs.