Server security is fundamental. UFW (Uncomplicated Firewall) is a simple tool to manage firewall rules on Ubuntu and other Debian-based Linux distributions. This guide will show you how to configure UFW to protect your server.

Prerequisites

• An Ubuntu or Debian system.
• Access with sudo privileges.

Step 1: Install UFW (if not already installed)

sudo apt install ufw -y

Step 2: Check the Current Status of UFW

Check if UFW is active:

sudo ufw status verbose

Step 3: Allow SSH Connections

Before enabling UFW, make sure to allow SSH connections to avoid losing access to the server:

sudo ufw allow ssh

Step 4: Allow Other Necessary Services

Allow traffic for services like HTTP and HTTPS:

sudo ufw allow http
sudo ufw allow https

Or use application profiles:

sudo ufw allow 'Apache Full'

Step 5: Enable UFW

Enable the firewall:

sudo ufw enable

Confirm with y when prompted.

Step 6: Verify Active Rules

Check the active rules:

sudo ufw status numbered

Step 7: Add Custom Rules (Optional)

• Allow a specific port:

sudo ufw allow 8080/tcp

• Deny a connection from a specific IP:

sudo ufw deny from 192.168.1.100

Step 8: Delete or Modify Rules

To delete a rule:

1 – View numbered rules:

sudo ufw status numbered

2 – Delete the specific rule:

sudo ufw delete [rule_number]

Conclusion

You have configured UFW to protect your Linux server. Remember to update the firewall rules whenever you add new services.