I have currently opened only port 443 and the Wireguard port for my web service.
I'm also blocking inbound traffic from the WAN using several DB aliases, such as AbuseIPDB and Firehol.
Would it be a good idea to block outbound wan traffic as well?
I'm also curious whether applying the floating rule might be a better approach.