I’ve been running my server without a firewall for quite some time now, I have a piped instance and snikket running on it. I’ve been meaning to get UFW on it but I’ve been too lazy to do so. Is it a necessary thing that I need to have or it’s a huge security vulnerability? I can only SSH my server from only my local network and must use a VPN if I wanna SSH in outside so I’d say my server’s pretty secure but not the furthest I could take it. Opinions please?
You don’t. Providing you have an upstream gateway that do the firewall for you, provided you don’t have an open WiFi, provided you use a reverse proxy, provided you have sane network settings all around, provided you run linux(or similar).
Even better if you are behind CGNAT.
Provided you know what you are doing.
On the other hand, setting up a firewall in a safe way is no easy task either.
I use an opnSense on top of my home network, given all the above “provided”.
Before that, I never run a firewall and never had an issue. Always being cg-nat tough.