Introduction
Server security is fundamental. UFW (Uncomplicated Firewall) is a simple tool to manage firewall rules on Ubuntu and other Debian-based Linux distributions. This guide will show you how to configure UFW to protect your server.
Prerequisites
- An Ubuntu or Debian system.
- Access with sudo privileges.
Step 1: Install UFW (if not already installed)
sudo apt install ufw -y
Step 2: Check the Current Status of UFW
Check if UFW is active:
sudo ufw status verbose
Step 3: Allow SSH Connections
Before enabling UFW, make sure to allow SSH connections to avoid losing access to the server:
sudo ufw allow ssh
Step 4: Allow Other Necessary Services
Allow traffic for services like HTTP and HTTPS:
sudo ufw allow http sudo ufw allow https
Or use application profiles:
sudo ufw allow 'Apache Full'
Step 5: Enable UFW
Enable the firewall:
sudo ufw enable
Confirm with y when prompted.
Step 6: Verify Active Rules
Check the active rules:
sudo ufw status numbered
Step 7: Add Custom Rules (Optional)
- Allow a specific port:
sudo ufw allow 8080/tcp
- Deny a connection from a specific IP:
sudo ufw deny from 192.168.1.100
Step 8: Delete or Modify Rules
To delete a rule:
1 – View numbered rules:
sudo ufw status numbered
2 – Delete the specific rule:
sudo ufw delete [rule_number]
Conclusion
You have configured UFW to protect your Linux server. Remember to update the firewall rules whenever you add new services.
