UFW
Uncomplicated Firewall (UFW) is a simple-to-use but powerful firewall management software. It is a wrapper around iptables, automatically writing rules for it.
Basic Setup
This is more than sufficient for servers that are not meant to be web-facing.
ufw allow outgoing all ufw deny incoming all ufw allow ssh ufw allow 22
If using custom ports, adjust as needed. This would be set in /etc/ssh/sshd_config.
HTTP
Regardless of httpd flavor (Apache, NGINX, lighttpd, etc), this basic configuration should suffice.
ufw allow http ufw allow 80 ufw allow https ufw allow 443
If using custom ports, adjust as needed.
FTP
There are standard unencrypted FTP ports:
ufw allow 20/tcp ufw allow 21/tcp
For security, encrypted FTP uses a pool of ports. This is the recommended setup for vsftpd:
ufw allow 990/tcp ufw allow 40000:42000/tcp