UFW (Uncomplicated Firewall) is a user-friendly interface to manage iptables firewall rules on Ubuntu. It simplifies the process of setting up and managing a firewall to protect your server from unauthorized access.
Prerequisites
- A server running Ubuntu (20.04 or later).
- Sudo privileges.
Step 1: Installing UFW
UFW is installed by default on Ubuntu. However, if it’s not installed, you can install it using the following commands:
sudo apt update
sudo apt install ufw
Step 2: Checking UFW Status
To check if UFW is active, use:
sudo ufw status
If UFW is inactive, you will see:
Status: inactive
Step 3: Enabling UFW
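Before enabling UFW, allow SSH connections so that you do not lock yourself out of the server. The ssh rule opens the standard SSH port (22/tcp); if your server accepts SSH on a different port, allow that port number instead.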
sudo ufw allow ssh
Now, enable UFW:
sudo ufw enable
You will see a prompt asking if you want to proceed. Type y and press Enter.
Step 4: Setting Default Policies
It’s recommended to set default policies that deny all incoming connections and allow all outgoing connections. This is a secure default setup:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Step 5: Allowing Specific Incoming Connections
You can allow specific ports or services as needed. Here are some common examples:
- Allow HTTP (port 80):
sudo ufw allow http
- Allow HTTPS (port 443):
sudo ufw allow https
- Allow specific port (e.g., port 8080):
sudo ufw allow 8080
- Allow a range of ports (e.g., ports 5000-6000):
sudo ufw allow 5000:6000/tcp
Step 6: Denying Specific Incoming Connections
To deny specific ports or services, use:
- Deny HTTP (port 80):
sudo ufw deny http
- Deny specific port (e.g., port 8080):
sudo ufw deny 8080
Step 7: Enabling Logging
UFW can log firewall activity, which is useful for monitoring and troubleshooting:
sudo ufw logging on
To set the log level (optional):
sudo ufw logging low
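Once logging is on, the entries can be summarized to see what the firewall is dropping. The script below is an added example, not part of the original tutorial: it counts [UFW BLOCK] entries per source address, protocol and destination port. The function names and the sample log lines are constructed for illustration (documentation addresses only); on Ubuntu the real entries are normally written to /var/log/ufw.log.

```shell
#!/usr/bin/env bash
# Added example: summarize blocked packets from UFW log lines read on stdin.
# Output: "count source proto/dport", most frequent first.
summarize_ufw_blocks() {
  awk '
    /\[UFW BLOCK\]/ {
      src = proto = dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/)   src   = substr($i, 5)
        if ($i ~ /^PROTO=/) proto = substr($i, 7)
        if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
      }
      if (src == "") next        # skip malformed lines
      if (dpt == "") dpt = "-"   # ICMP and similar carry no port
      count[src " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }
  ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Constructed sample input in the kernel log format UFW uses.
sample_log() {
  cat <<'EOF'
Jan 10 12:00:01 web1 kernel: [ 1001.1] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.10 LEN=60 TTL=52 ID=1111 DF PROTO=TCP SPT=40001 DPT=8080 WINDOW=29200 SYN URGP=0
Jan 10 12:00:02 web1 kernel: [ 1002.2] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.10 LEN=60 TTL=52 ID=1112 DF PROTO=TCP SPT=40002 DPT=8080 WINDOW=29200 SYN URGP=0
Jan 10 12:00:03 web1 kernel: [ 1003.3] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.10 LEN=60 TTL=52 ID=1113 DF PROTO=TCP SPT=40003 DPT=8080 WINDOW=29200 SYN URGP=0
Jan 10 12:00:04 web1 kernel: [ 1004.4] [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.77 DST=198.51.100.10 LEN=44 TTL=240 ID=2221 PROTO=TCP SPT=51000 DPT=23 WINDOW=1024 SYN URGP=0
Jan 10 12:00:05 web1 kernel: [ 1005.5] [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.10 LEN=84 TTL=52 ID=3331 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
Jan 10 12:00:06 web1 kernel: [ 1006.6] [UFW ALLOW] IN=eth0 OUT= SRC=192.0.2.20 DST=198.51.100.10 LEN=60 TTL=57 ID=4441 DF PROTO=TCP SPT=52000 DPT=22 WINDOW=29200 SYN URGP=0
EOF
}

sample_log | summarize_ufw_blocks
```

To run it against a real host, feed it the log instead of the sample, for example: sudo cat /var/log/ufw.log | summarize_ufw_blocks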
Step 8: Managing UFW Rules
- To delete a rule (e.g., allowing HTTP):
sudo ufw delete allow http
- To reset UFW to default state (this will disable UFW and delete all rules):
sudo ufw reset
Step 9: Checking UFW Status and Rules
To view the current status and rules:
sudo ufw status verbose
You will see a detailed output of active rules and the status of UFW.
Step 10: Disabling UFW
If you need to disable UFW temporarily:
sudo ufw disable
Conclusion
UFW is a powerful tool that simplifies firewall management on Ubuntu servers. By following this tutorial, you can secure your server by configuring UFW to allow or deny specific connections, ensuring only authorized access is permitted.
Feel free to reach out if you have any questions or need further assistance!