Back

Configuring a Firewall with UFW on Linux

Introduction

Server security is fundamental. UFW (Uncomplicated Firewall) is a simple tool to manage firewall rules on Ubuntu and other Debian-based Linux distributions. This guide will show you how to configure UFW to protect your server.

Prerequisites

  • An Ubuntu or Debian system.
  • Access with sudo privileges.
Step 1: Install UFW (if not already installed)
sudo apt install ufw -y
Step 2: Check the Current Status of UFW

Check if UFW is active:

sudo ufw status verbose
Step 3: Allow SSH Connections

Before enabling UFW, make sure to allow SSH connections to avoid losing access to the server:

sudo ufw allow ssh
Step 4: Allow Other Necessary Services

Allow traffic for services like HTTP and HTTPS:

sudo ufw allow http
sudo ufw allow https

Or use application profiles:

sudo ufw allow 'Apache Full'
Step 5: Enable UFW

Enable the firewall:

sudo ufw enable

Confirm with y when prompted.

Step 6: Verify Active Rules

Check the active rules:

sudo ufw status numbered
Step 7: Add Custom Rules (Optional)
  • Allow a specific port:
sudo ufw allow 8080/tcp
  • Deny a connection from a specific IP:
sudo ufw deny from 192.168.1.100
Step 8: Delete or Modify Rules

To delete a rule:

1 – View numbered rules:

sudo ufw status numbered

2 – Delete the specific rule:

sudo ufw delete [rule_number]

Conclusion

You have configured UFW to protect your Linux server. Remember to update the firewall rules whenever you add new services.

Nexto
Nexto