Bug#1071705: Add UFW profile integration with apache2

Thu, 23 May 2024 17:18:28 -0700 

Source: apache2
Version: 2.4.52-1ubuntu4
Severity: wishlist
Tags: patch

In 2008 Ubuntu implemented[1] an Uncomplicated Firewall (UFW) profile for
Apache2.  To the best I can tell, this has not yet been proposed to
Debian, although Debian does use ufw.

Are ufw profiles of interest to Debian?  If so, would Debian's Apache
maintenace team consider adopting this changeset from Ubuntu?

1:  https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/261198


>From cc0cadcadda2725d7c6a961f221bf643bddf6032 Mon Sep 17 00:00:00 2001
From: Bryce Harrington <br...@bryceharrington.org>
Date: Mon, 18 Jul 2022 17:51:08 -0700
Subject: [PATCH] Add Uncomplicated Firewall (UFW) profiles

---
 debian/apache2-utils.ufw.profile | 14 ++++++++++++++
 debian/apache2.dirs              |  1 +
 debian/apache2.install           |  1 +
 debian/control                   |  3 ++-
 4 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 debian/apache2-utils.ufw.profile

diff --git a/debian/apache2-utils.ufw.profile b/debian/apache2-utils.ufw.profile
new file mode 100644
index 000000000..974a655cd
--- /dev/null
+++ b/debian/apache2-utils.ufw.profile
@@ -0,0 +1,14 @@
+[Apache]
+title=Web Server
+description=Apache v2 is the next generation of the omnipresent Apache web server.
+ports=80/tcp
+
+[Apache Secure]
+title=Web Server (HTTPS)
+description=Apache v2 is the next generation of the omnipresent Apache web server.
+ports=443/tcp
+
+[Apache Full]
+title=Web Server (HTTP,HTTPS)
+description=Apache v2 is the next generation of the omnipresent Apache web server.
+ports=80,443/tcp
diff --git a/debian/apache2.dirs b/debian/apache2.dirs
index 60890130b..1aa6d3c65 100644
--- a/debian/apache2.dirs
+++ b/debian/apache2.dirs
@@ -10,3 +10,4 @@ var/cache/apache2/mod_cache_disk
 var/lib/apache2
 var/log/apache2
 var/www/html
+/etc/ufw/applications.d/apache2
diff --git a/debian/apache2.install b/debian/apache2.install
index b6ad78940..92865fc4e 100644
--- a/debian/apache2.install
+++ b/debian/apache2.install
@@ -8,3 +8,4 @@ debian/config-dir/*.conf			/etc/apache2
 debian/config-dir/envvars			/etc/apache2
 debian/config-dir/magic				/etc/apache2
 debian/debhelper/apache2-maintscript-helper	/usr/share/apache2/
+debian/apache2-utils.ufw.profile /etc/ufw/applications.d/
diff --git a/debian/control b/debian/control
index a5d33f22e..87f1833b2 100644
--- a/debian/control
+++ b/debian/control
@@ -43,7 +43,8 @@ Depends: apache2-bin (= ${binary:Version}),
 Recommends: ssl-cert
 Suggests: apache2-doc,
           apache2-suexec-pristine | apache2-suexec-custom,
-          www-browser
+          www-browser,
+          ufw
 Pre-Depends: ${misc:Pre-Depends}
 Provides: httpd,
           httpd-cgi
-- 
2.34.1

Reply via email to