How to Enable and Configure Firewall with UFW on Ubuntu

Edited 2 weeks ago by ExtremeHow Editorial Team

UFWFirewallUbuntuSecurityLinuxConfigurationOperating SystemsNetworkingSystemAdministration

Ubuntu, a popular Linux-based operating system, offers robust security features to protect your server or personal computer from unauthorized access. One such essential feature is the firewall system, which is a network security mechanism that monitors and controls incoming and outgoing network traffic based on predefined security rules. In this guide, we explore how to enable and configure a firewall in Ubuntu using the Uncomplicated Firewall known as UFW.

Understanding the basics of UFW

UFW stands for Uncomplicated Firewall. It is a user-friendly front-end for managing firewall rules in Ubuntu. The goal of UFW is to simplify the process of setting up a firewall. While UFW can be used with advanced settings, this guide focuses on basic operations.

Key features of UFW

• Simplicity: UFW is designed to make firewall management easier for all users. It allows users to manage the firewall through simple command-line operations without editing complex configurations.
• Pre-configured options: UFW comes with a set of default rules that are often sufficient for most configurations. These rules can be modified or extended as needed.
• Integration: UFW is integrated into Ubuntu systems and can be used with other Linux distributions as well.

Founding of the UFW

By default, UFW may be already installed on your Ubuntu system. However, if it is not installed, you can easily install it using the following command:

sudo apt update sudo apt install ufw

The first command updates the package list to ensure you have the latest information for installed packages and the second command installs UFW.

Checking the status of the UFW

To check if UFW is activated, you can run the following command:

sudo ufw status

If installed but not activated, the output will say "Status: Inactive". We will activate it later in this guide.

Enabling UFW

To enable UFW use the following command:

sudo ufw enable

Once UFW is enabled, it will automatically start protecting your system based on the configured rules. It is important to remember to set the default rules before enabling. If the default rule is to deny all connections, you may find yourself locked out of the server, especially in remote access scenarios via SSH.

Understanding UFW default policies

Default policies serve as the basis for firewall configuration. If a connection does not match a specific rule, the default policies are applied. In most cases, it is a good practice to configure your firewall to block all incoming connections and allow only outgoing connections. This ensures that the services running on your server cannot be accessed from the outside world unless you allow them.

sudo ufw default allow outgoing sudo ufw default deny incoming

The first command allows all outgoing connections and the second blocks all incoming connections.

Allowing SSH connections

If you have SSH access to your server, you will need to configure UFW to allow SSH connections to ensure you don't lose access when UFW is enabled:

sudo ufw allow ssh

The above command allows traffic on port 22, which is the default port for SSH. If your SSH service runs on a different port, you need to specify that port using the following command:

sudo ufw allow <port number>/tcp

Adding rules to UFW

UFW allows the processing of rules that control access. These rules can grant or deny access through specific ports. Below are some examples and usage scenarios for adding rules:

Allowing specific ports

sudo ufw allow 80

This command allows HTTP traffic to your web server by opening port 80.

Allowing ports with a specific protocol

sudo ufw allow 443/tcp

To allow secure HTTPS traffic, you allow TCP connections on port 443.

Allow a specific IP address

sudo ufw allow from 192.168.1.100

This command allows all connections from a specific IP address.

Allowing ports for specific IP addresses

sudo ufw allow from 192.168.1.100 to any port 22

This allows SSH connections only from the specified IP address.

Denial rules

Similar to allowing connections, UFW can be configured to explicitly deny connections as needed:

Denying a specific port

sudo ufw deny 8080

This command stops any connections through port 8080.

Denying a specific IP address

sudo ufw deny from 203.0.113.5

This blocks all network traffic from the specified IP address.

Deleting a rule

If you need to delete a rule from UFW, you can list all the rules and use their rule number to delete them:

sudo ufw status numbered

It lists all the rules along with their numbers, like this:

[ 1] Allow 80/tcp

To delete a rule, you can do the following:

sudo ufw delete 1

This removes the rule associated with number 1 from the rule list.

Disabling UFW

In some cases, you may need to temporarily disable UFW, such as for troubleshooting:

sudo ufw disable

This turns off the firewall immediately, ensuring that all network traffic can pass through without any restrictions. Remember to re-enable it once the troubleshooting is complete:

sudo ufw enable

Advanced UFW features

Although UFW aims for simplicity, it can also handle more advanced firewall tasks:

Rate limiting

To prevent brute force attacks, UFW can be configured to limit the rate of connections. For example, rate limiting can be enabled on the SSH port:

sudo ufw limit ssh

This command limits the number of connection attempts and if the number is exceeded, it temporarily blocks the traffic from the source IP.

Logging

UFW provides logging capabilities to help you monitor and troubleshoot network traffic:

sudo ufw logging on

Logging helps you understand how the firewall is working and records any blocking attempts.

Using app profiles

UFW can work with app profiles, which simplify the process of allowing connections for multiple applications packaged with predefined rules. Get an overview of the available profiles:

sudo ufw app list

Once the profile name is identified, you can easily grant permission to it:

sudo ufw allow <profile name>

Conclusion

After reaching the end of this detailed guide, you have got important information on how to enable and configure a firewall on Ubuntu using UFW. You now understand the basic concepts of firewall rules, how to apply security policies, and how to monitor network activity using UFW. Maintaining a functioning firewall is essential for server security and requires constant monitoring and updating to ensure that it provides the necessary protection.

With these UFW practices, you can maintain tight monitoring with your server, keeping it secure from unauthorized access, while ensuring that authorized users have the necessary access – all of this is achieved with the remarkable simplicity provided by UFW on Ubuntu.

  Share This Article

If you find anything wrong with the article content, you can request an update