The Uncomplicated Firewall (UFW) is a front-end for managing iptables on Ubuntu and other Linux distributions. It simplifies the process of configuring firewall rules, making it more accessible for users who may not be familiar with the intricacies of iptables. UFW provides an easy way to protect your VPS from unauthorized access by controlling incoming and outgoing network traffic.
In this article, we’ll guide you through the process of setting up and managing UFW on Ubuntu, ensuring your server is secure.
Prerequisites
- Ubuntu 18.04 or later.
- A user with sudo privileges.
- SSH access to the server
1. Install UFW
UFW is installed by default on most Ubuntu installations, but you can verify its status.
If UFW is not installed, you can install it using:
sudo apt update
sudo apt install ufw
2. Enabling UFW
Once you’ve verified UFW is installed, you can enable it. It’s good practice to allow SSH connections before enabling UFW to avoid being locked out, especially if you’re connected remotely.
To allow SSH connection
sudo ufw allow ssh
Now, enable UFW.
sudo ufw enable
3. Configure Basic Rules
With UFW enabled, you can begin setting rules to control traffic. By default, UFW denies all incoming connections and allows outgoing connections. You can verify the default rules by running:
sudo ufw default allow outgoing
sudo ufw default deny incoming
Allowing HTTP and HTTPS Traffic
If you’re running a web server, you’ll likely want to allow HTTP (port 80) and HTTPS (port 443) traffic:
sudo ufw allow http
sudo ufw allow https
Allowing Specific Ports
You can also allow or deny specific ports. For instance, to allow traffic on port 8080:
sudo ufw allow 8080
Denying Specific Ports
If you want to deny traffic on a specific port, you can use the following syntax:
sudo ufw deny 8080
Deleting Rules
If you need to remove a rule, you can use:
ufw delete allow 8080
This will remove the rule allowing traffic on port 8080.
Checking UFW Status and Rules
After configuring UFW, it’s essential to check the status and verify that the firewall rules are active. Use the following command:
sudo ufw status
Disable UFW
If at any point you want to disable UFW, you can do so with:
ufw disable
This will stop UFW and remove all firewall rules, reverting to the default configuration.
Conclusion
Setting up UFW on Ubuntu is an effective way to enhance your server’s security. By following these steps, you can configure UFW to control traffic, ensuring only authorized connections are allowed. This firewall is flexible and can be adjusted based on the specific requirements of your server environment.
Also Read: