Or copy link
Copy link
UFW stands for Uncomplicated Firewall and is a lightweight and easy-to-use firewall configuration tool for Ubuntu and other Linux distributions such as Arch Linux, CentOS, and Linux Mint. It provides a simple way to manage incoming and outgoing traffic and can be used to secure your system from unauthorized access and attacks.
Learn How to install and configure the CSF Config Server Firewall on Centos – 7 64-bit
UFW is the most important feature to secure your Linux virtual private server by enabling. This feature helps filter malicious activities in the server.
In this post, we will discuss how to set up and configure UFW on Ubuntu, and how to use it to create firewall rules to protect your system. UFW is installed by default in Ubuntu you need to enable this feature.
UFW is a user-friendly frontend for the iptables firewall, a powerful but complex firewall configuration tool. UFW provides an interface for managing firewalls, making it more accessible to users. The following describes below that how UFW works in the Ubuntu system:
UFW comes pre-installed on Ubuntu systems, but it is disabled by default. To enable UFW, you can run the following command:
sudo ufw enable
This will enable UFW and start the firewall service. By default, UFW is configured to stop all incoming traffic and allow all outgoing traffic. This means that no one will be able to connect to your system from the outside, but you will be able to connect to other systems and services on the internet.
You can also disable the UFW by typing the following command:
sudo ufw disable
When it comes to understanding the creating and managing rules you must be familiar with ports and applications, To specify the source IP address and destination IP address as the protocols, and finally an action that you want to allow or deny the traffic.
Creating firewall rules
To create firewall rules, you can use the following commands:
sudo ufw allow <port>
sudo ufw deny <port>
sudo ufw allow <application>
sudo ufw deny <application>
Now as above description, for example, to allow incoming traffic on port 22 a default SSH port, you would run the following command:
sudo ufw allow 22
To block incoming traffic on port 80 which is the HTTP port, you would run the following command:
sudo ufw deny 80
You can also create more complex firewall rules by using the -s and -d options to specify the source and destination addresses or networks. For example, to allow incoming traffic on port 22 from the IP address 192.168.1.100, you would run the following command:
sudo ufw allow 22 -s 192.168.1.100
To block incoming traffic on port 80 from the IP address 192.168.1.200, you would run the following command:
sudo ufw deny 80 -s 192.168.1.200
Managing firewall rules
Once you have created some firewall rules, you can use the following commands to manage them:
sudo ufw status
sudo ufw list rules
sudo ufw delete <rule number>
sudo ufw reset
Always start by setting the default policies for UFW. By default, UFW will deny all incoming traffic and allow all outgoing traffic. You can change these defaults using the following command:
sudo ufw default <Args>
Here are some best practices in configuration UFW to protect your Ubuntu system:
UFW is a powerful and important firewall configuration tool. By setting up and configuring UFW rules, you can control which ports and services are open to incoming traffic. It provides a simple interface for managing firewall rules, and it includes a number of pre-defined rules for common applications and services. This makes it easier to manage your firewall and ensures that your system remains protected.
An uncomplicated firewall is used for the protection of the Ubuntu system It is installed by default in the Ubuntu System. You can practice these commands by choosing our cheapest Ultahost Ubuntu VPS hosting plan which provides the highest level of control and customization.
Port forwarding is a crucial technique for network admi...
Ubuntu provides a pre-installed firewall configuration ...
Configuring the Windows Server 2012 Firewall is an impo...
Imagine you're playing your favorite online game, but y...
Nmap, the Network Mapper, is a free and open-source sec...
Save my name, email, and website in this browser for the next time I comment.
Δ