Get 50% Discount Offer 7 Days


Contact Info

Chicago 12, Melborne City, USA

+88 01682648101

[email protected]

Recommended Services
Supported Scripts
A Comprehensive Guide to Firewalls

If you want to secure your Ubuntu system, you should configure a firewall. If you want to setup and manage a firewall, various flexible utilities are designed by Linux. One of these tools is called iptables. But, it should note that new users in network security may be a little afraid of iptables, so it is better to start with UFW first. This article proposes to give a comprehensive guide to firewalls.

What is UFW on Ubuntu?

UFW or Uncomplicated Firewall is a default firewall configuration tool. This user-friendly tool has been developed to facilitate the configuration of iptables firewalls and is provided for creating ipv4 or ipv6 host-based firewalls. It is initially disabled by default from the UFW man page. Also, UFW gives an easy way to add or remove simple rules, but it is not intended to provide complete firewall functionality.

How to Configure a Firewall on Ubuntu Server?

Here, we are going to show how you can setup a firewall on Ubuntu servers using UFW with a Comprehensive Guide to Firewalls. Follow the steps to protect your Ubuntu system. But, first of all, you should prepare the necessary requirements.

setup firewall on ubuntu

A Comprehensive Guide to Firewalls


– A Linux VPS Server with Ubuntu operating system

– A user account with sudo privileges

– accessing a Windows command line

Installing UFW on Ubuntu

UFW is disabled by default. So, the first thing to do is to enable it from the terminal prompt:

sudo ufw enable

Note that UFW is installed by your Ubuntu server as default, if not, you can check the status and install it using the commands below and then enable it:

sudo ufw status
sudo apt install ufw

Wait to complete the installation process. Now you have UFW enabled on your server.

Configuring UFW on Ubuntu

Now that you enabled UFW, you can configure UFW using both IPv4 and IPv6. To support both protocols you should modify the UFW configuration file, so go through these instructions.

First, you can use Nano or any text editor to open the default settings file:

sudo nano /etc/default/ufw

In your output, you will see the IPv6. If this value is set as no, change the value to yes and enable your IP. Then save and close the file.

Setting up Default UFW Policy

By default, UFW is set to allow all outgoing connections and deny all incoming connections. These rules are typical for PCs that do not need to respond to incoming requests. So, if you have changed the default settings and want to return to the default settings, run the following command:

sudo ufw default deny incoming

To allow outgoing connections use the following command:

sudo ufw default allow outgoing

So return the statute to the default settings by these comments.

Allowing SSH Connections

If your connection is from remote locations, you should setup UFW to allow incoming SSH connections.

Use the command below to configure UFW to allow the SSH connections:

sudo ufw allow ssh

To add a rule for IPv4 (or IPv6 if enabled) use this command and allow incoming and outcoming traffic from SSH connections.

Enabling UFW

After the configuration, to apply changes, disable and enable the UFW firewall again:

sudo ufw disable
sudo ufw enable

With these actions, you succeeded in setting up and activating the firewall.

Checking the Status of UFW

If you need to check the status and get detailed information, execute the following command:

sudo ufw status verbose

How to Work with UFW Rules?

UFW determines the rules for how the server communicates with other devices. Now you need to specify which connections are allowed to control firewall settings and which are prohibited.

Allowing Incoming Connections on Other Ports

You should allow specific incoming connections to control additional connections, depending on the purpose of the server. Now create UFW rules to add connections. Below is a list of commands requiring for configuration:

1- Apply the command below to set the server and listen to HTTP:

sudo ufw allow http

You can use port 80 as an alternative for HTTP connection:

sudo ufw allow 80

You can see the rule in UFW status:

sudo ufw status verbose

2- Run the following command to enable HTTPS connections:

sudo ufw allow https

You can use port number 443 as an alternative for HTTPS connection:

sudo ufw allow 443

Now to check the status run this command:

sudo ufw status verbose

3- Apply the command below to modify a rule that allows access to all ports from a specific IP:

sudo ufw allow from to any port

This allows all traffic from a remote server to a local machine or local server.

4- Apply this command to allow access from a particular machine to a specific port. This rule will limit access to the specific port:

sudo ufw allow from to any port

5- Determine the range values and the protocol type to allow access to a range of sports. The following is using to allow connections from 2000 to 2004 for TCP:

sudo ufw allow 2000:2004/tcp

To change the protocol for UDP use the following command:

sudo ufw allow 2000:2004/udp

Denying Incoming Connections on the Other Ports

If you want to forbid connection from a specific IP address create a deny rule:

sudo ufw deny from

Or, you can use the following command to deny access to particular ports:

sudo ufw deny from to any port

How to Delete UFW Ports

It is possible to delete UFW rules. You can use two ways for this reason:

1- You can disable the list of all rules and find the determined number of the rule. Now you can see the list in your output:

sudo ufw status numbered

Choose the related rule number and use the command below to delete the rule, so the rule will be removed from the list:

sudo ufw delete

2- The second way is to specify it word for word:

sudo ufw delete

For Example:

 sudo ufw delete allow 2000

Checking Application Profiles

Since you use the apt command to install UFW, each package has an application profile in the /etc/ufw/applications.d directory. This profile includes information about the software and its UFW settings. So to see the list of the application profiles use this command:

sudo ufw app list

To see more detailed information about a specific package run this command:

sudo ufw app info 'package name'

To give an example, put Apache full to see all the information about this application profile:

sudo ufw app info 'Apache Full'


Security is one of the most important parts of servers and to provide this security, you should set a firewall for your server. Here, we taught how to setup a firewall using UFW on the Ubuntu server after a Comprehensive Guide to Firewalls. We also gave some extra commands and instructions to show the way it works. We hope you enjoyed this article.

Rate this post
Share this Post

Leave a Reply

Your email address will not be published. Required fields are marked *