• Home
  • Linux
  • Ubuntu
  • Debian
  • CentOS
  • Linux Commands
  • About Us
  • Donate
TecNStuff
Menu
  • Home
  • Linux
  • Ubuntu
  • Debian
  • CentOS
  • Linux Commands
  • About Us
  • Donate

How to Setup UFW Firewall on Ubuntu 18.04

Written by Admin, Updated On May 21, 2019
firewall, iptables, security, ubuntu, ufw
Setup Firewall With UFW on Ubuntu 18.04

By default, Ubuntu comes with firewall configuration tool which is called as UFW. UFW stands for Uncomplicated Firewall used to manage firewall rules in Ubuntu. In this tutorial, described how to setup UFW firewall on Ubuntu.

Prerequisites#

Before going to ahead and configure UFW on Ubuntu 18.04, you should logged in as non-root user with sudo privileges.

Install UFW#

As we described above that UFW is installed in Ubuntu by default. For any reason you have uninstalled then you should first install UFW to your Ubuntu system.

sudo apt install ufw

Check UFW Status#

You can check the status of ufw once the installation is finished. For that run the below command:

sudo ufw status verbose

If you never activated UFW before then it will show output as inactive because by default, UFW is disabled:

Output
Status: inactive

Once you will activated UFW then status output will show as below:

Output
Status: active To Action From -- ------ ---- 22 ALLOW Anywhere 22 (v6) ALLOW Anywhere (v6)

Enable UFW#

If UFW is not enabled on your system then you can do it easily by typing:

sudo ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

It will show warning that it may disrupt existing ssh connections if enabling the firewall. Press y and hit Enter to continue.

Now if you want to check status you can check again and it should show activated.

Set UFW Default Policies#

UFW will block all of the incoming connections and allow all outbound connections. Commonly, we need only some of ports open for incoming connections and block all other ports. The default polices are defined in the /etc/default/ufw file. Using UFW you can set and manage this type of rules polices.

Use below command to deny all incoming connections to your system:

sudo ufw default deny incoming

To allow all outgoing connections type following in terminal.

sudo ufw default allow outgoing

Add Rules to UFW#

It is very easy to add rules for any service or port numbers. Following is the basic syntax to add rule for any port.

sudo ufw ACTION PORT_NUMBER

Here, ACTION should replace with deny or allowed and PORT_NUMBER is the number of port for which you want to set rule.

Allow SSH Connections Port 22#

To allow incoming and outgoing connections on port 22 (SSH) run below command:

sudo ufw allow 22

You also can run command with the service name as below:

sudo ufw allow ssh

It will show output as below:

Output
Rule added
Rule added (v6)

Open port 80 – HTTP#

You can allow HTTP connections using below command:

sudo ufw allow http

Instead of http you can use the port number, 80:

sudo ufw allow 80/tcp

Open port 443 – HTTPS#

If your website using SSL then your server should open 443 port to allow connections over it. Run below command to allow port 443:

sudo ufw allow https

Same as http your can use port number instead of service name:

sudo ufw allow 443/tcp

Deny Traffic on Port 972#

You can deny traffic on specific port using below command:

sudo ufw deny 972

Deleting rules#

If you have added any rule and no need more now then you can delete it easily using delete action. For example, if we don’t want rule for https then run below command to delete rule for https:

sudo ufw delete allow 443

Allow Specific IP Addresses#

If you want allow connections from a specific IP address for all ports then just need to specify IP address as given below:

sudo ufw allow from 1.83.43.125

It will add that IP address to whitelist.

Allow Specific IP Addresses on Specific port#

If you have requirement that specific IP address should allow connections for specific ports only then run below command:

sudo ufw allow from 1.83.43.125 to any port 22

In above command you can see that we have followed port number after IP address to allow for specific port. So connections from 1.83.43.125 are allowed only for port 22.

Deny Specific IP Addresses#

To deny all the connections from a specific IP address, you need to specify IP address with deny option as given below:

sudo ufw deny from 1.83.43.125

It will add that IP address to blacklist.

Deny Specific IP Addresses on Specific port#

When you want to deny connections from specific IP address for specific ports only then you can do it by run below command:

sudo ufw deny from 1.83.43.125 to any port 22

You can see in above command we have given port number after IP address to deny for specific port. Thus, connections from 1.83.43.125 are deny only for port 22.

Disable UFW#

If you have requirement to disable UFW then you can simple do it by run below command:

sudo ufw disable

Reset UFW#

If you messed up rules and want to start again then reset UFW will help. It will disable UFW and delete all the current rules. To reset UFW type following command:

sudo ufw reset

Logging in UFW#

You can enable or disable logging in UFW with three levels. Default log level is low out of low, medium and high.

Type below command to enable logging:

sudo ufw logging on

Conclusion#

You have learned complete details about setup UFW on Ubuntu 18.04 system. It advised to deny all the incoming connections except necessary ports.

If you have any question or facing issue with setup UFW then comment below.

If our content helps you, please consider buying us a coffee

Thank you for your support.

Share On
Share on Facebook
Share on Twitter
Share on Reddit
Share on Tumblr
 Previous Article How to Change User Password in Linux
Next Article   How to install Java on CentOS 7 System

Related Posts

  • How to Install and Use PHP Composer on Ubuntu 22.04

    How to Install Composer on Ubuntu 22.04

    January 31, 2023
  • How to Install Nginx on Ubuntu 22.04

    How to Install Nginx on Ubuntu 22.04

    January 28, 2023
  • How to Install Puppet Agent on Ubuntu 22.04

    How to Install Puppet Agent on Ubuntu 22.04

    January 22, 2023

Leave a Reply Cancel reply

DigitalOcean Referral Badge

Popular Posts

  • How to Install SSH Keys on Ubuntu 22.04
    How to Set up SSH Keys on Ubuntu 22.04 January 7, 2023
  • How to Install Mongodb on Debian 11
    How to Install MongoDB on Debian 11 Linux January 11, 2023
  • How to Install Puppet Agent on Ubuntu 22.04
    How to Install Puppet Agent on Ubuntu 22.04 January 22, 2023
  • How to Install Jenkins on Debian 11
    How to Install Jenkins on Debian 11 January 5, 2023
  • How to Change-Hostname Ubuntu 22.04
    How to Change Hostname on Ubuntu 22.04 January 19, 2023
© 2020 TecNStuff All rights reserved. This website is using and storing cookies on your browser. By using this website you agree our Privacy Policy.  Follow us -  Twitter | Facebook