Part of series: Linux
1. What is UFW?
UFW (Uncomplicated Firewall) is the easiest way to manage the firewall on Ubuntu and Debian. By default, it denies all incoming traffic and allows all outgoing traffic.
2. Installation and status
UFW usually comes installed by default on Ubuntu. Check its status:
sudo ufw status verboseIf it represents inactive, DO NOT enable it yet until you allow SSH, or you will lock yourself out of your own server.
3. Basic Configuration
3.1 Allow SSH
First of all, make sure to allow SSH connection (port 22 by default):
sudo ufw allow ssh
# Or if you use a different port, for example 2222:
# sudo ufw allow 2222/tcp3.2 Enable the firewall
Now, enable UFW:
sudo ufw enableConfirm when prompted.
4. Rules Management
4.1 Allow other services
If you have a web server or a specific application:
# Allow HTTP and HTTPS
sudo ufw allow http
sudo ufw allow https
# Allow a specific port
sudo ufw allow 8080/tcp4.2 Delete rules
To delete rules safely, first list them by number:
sudo ufw status numberedYou will see something like:
[ 1] 22/tcp ALLOW IN Anywhere
[ 2] 80/tcp ALLOW IN AnywhereTo delete rule number 2:
sudo ufw delete 25. Command Summary
sudo ufw enable: Enables the firewall.sudo ufw disable: Disables the firewall.sudo ufw status: Shows the status.sudo ufw allow <port>: Allows traffic on a port.sudo ufw deny <port>: Denies traffic on a port.sudo ufw reload: Reloads the configuration.
Keep your server secure with these basic rules!