Linux and the xServer Setup Process

This step is automated on Linux and no further action is required from the user.

We highly advise all Linux users to close all ports that are not in use, below you can find an easy guide on how to do that. If you have full access to your router, we advise you close all unused ports on the hardware side as well, not just the on the operational system side.

The default firewall configuration tool for Ubuntu is UFW.

UFW stands for uncomplicated firewall and helps ease IP-tables firewall configuration, and provides a user-friendly way to create an IPv4 or IPv6 host-based firewall. You can use any other firewall software you choose; we just advise you use UFW, commands will vary if you go with other software.

xServer related ports are the following:

• 22 (TCP)
• 443 (TCP)
• 4242 (TCP)
• 52342 (TCP)

To configure firewall ports to allow SSH and Validator service to communicate you need to input the following commands in your terminal:

sudo ufw allow 22

sudo ufw allow 443

sudo ufw allow 4242

sudo ufw allow 52342

sudo ufw allow ntp

sudo ufw enable

We also advise our users to setup Fail2Ban; it is a tool that scans log files and bans IPs that show malicious signs for instance too many password failures, seeking for exploits, etc. Generally, Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time. It provides basic-level protection against distributed brute-force attacks.

The following command sets up Fail2Ban:

sudo apt install -y fail2ban && sudo systemctl enable fail2ban && sudo service fail2ban start

Warning: If you are running your xServer client on a machine with 8gb of RAM or less we highly advise that you set up a high swap RAM, you can find a guide on how to do it by clicking here.

Disclaimer: This is only valid if the VPS or local hardware was setup using the provisioner tool built-in your xCore client.