Server Management
FlyWP configures security best practices out of the box.
UFW (Uncomplicated Firewall) is enabled during provisioning with the following default rules:
| Port | Service | Access |
|---|---|---|
| 22 | SSH | Open |
| 80 | HTTP | Open |
| 443 | HTTPS | Open |
| 3306 | MySQL | Blocked |
| 6379 | Redis | Blocked |
You can add custom firewall rules from Server Settings → Firewall.
fail2ban monitors SSH and web server logs for brute-force attempts and automatically bans offending IPs. It is configured with sensible defaults:
FlyWP enables unattended security updates for Ubuntu packages. Critical patches are applied automatically without requiring a reboot.
All sites use TLS 1.2+ by default. FlyWP configures Nginx with a modern cipher suite that scores A+ on SSL Labs.