HomeFirewall/SecurityHow to Set Up UFW Firewall on Ubuntu

How to Set Up UFW Firewall on Ubuntu

The Uncomplicated Firewall (UFW) is a front-end for managing iptables on Ubuntu and other Linux distributions. It simplifies the process of configuring firewall rules, making it more accessible for users who may not be familiar with the intricacies of iptables. UFW provides an easy way to protect your VPS from unauthorized access by controlling incoming and outgoing network traffic.

In this article, we’ll guide you through the process of setting up and managing UFW on Ubuntu, ensuring your server is secure.

Prerequisites

  • Ubuntu 18.04 or later.
  • A user with sudo privileges.
  • SSH access to the server

1. Install UFW

UFW is installed by default on most Ubuntu installations, but you can verify its status.

If UFW is not installed, you can install it using:

sudo apt update
sudo apt install ufw

2. Enabling UFW

Once you’ve verified UFW is installed, you can enable it. It’s good practice to allow SSH connections before enabling UFW to avoid being locked out, especially if you’re connected remotely.

To allow SSH connection

sudo ufw allow ssh

Now, enable UFW.

sudo ufw enable

3. Configure Basic Rules

With UFW enabled, you can begin setting rules to control traffic. By default, UFW denies all incoming connections and allows outgoing connections. You can verify the default rules by running:

sudo ufw default allow outgoing
sudo ufw default deny incoming

Allowing HTTP and HTTPS Traffic

If you’re running a web server, you’ll likely want to allow HTTP (port 80) and HTTPS (port 443) traffic:

sudo ufw allow http
sudo ufw allow https

Allowing Specific Ports

You can also allow or deny specific ports. For instance, to allow traffic on port 8080:

sudo ufw allow 8080

Denying Specific Ports

If you want to deny traffic on a specific port, you can use the following syntax:

sudo ufw deny 8080

Deleting Rules

If you need to remove a rule, you can use:

ufw delete allow 8080

This will remove the rule allowing traffic on port 8080.

Checking UFW Status and Rules

After configuring UFW, it’s essential to check the status and verify that the firewall rules are active. Use the following command:

sudo ufw status

Disable UFW

If at any point you want to disable UFW, you can do so with:

ufw disable

This will stop UFW and remove all firewall rules, reverting to the default configuration.

Conclusion

Setting up UFW on Ubuntu is an effective way to enhance your server’s security. By following these steps, you can configure UFW to control traffic, ensuring only authorized connections are allowed. This firewall is flexible and can be adjusted based on the specific requirements of your server environment.

Scroll to Top