What is UFW Firewallufw stands for Uncomplicated Firewall. It’s a simple and user-friendly command-line tool used to manage firewall rules on Linux systems, especially Ubuntu and Debian-based distributions. This guide details the procedures for installing, configuring, and effectively managing UFW in a production or enterprise setting.ufw is installed by default on most Ubuntu versions, especially on server editions. However, it is not enabled by default — you need to manually enable
Prerequisites
- A Linux server (Ubuntu/Debian-based)
- Root or sudo access
- SSH access already configured (if managing remotely)
Step 1
You need to check first if ufw is installed in your ubuntu or debian based linux distribution with below command
which ufw
If it is not installed, first, install the ufw. You can install with help by following command
apt install ufw
Step 2
Check the status of UFW
#ufw status >> to check the status
Step 3
Default Firewall Policies
Note: It is recommended to define default policies before enabling UFW:
#ufw default deny incoming >>blocks all incoming traffic
#ufw default allow outgoing >>allows all outgoing traffic
This configuration blocks all incoming connections and allows all outgoing traffic.
Step 4
Allow Essential Services like SSH or specify a port (e.g., custom SSH port):
Note: Always allow SSH access before enabling UFW if working remotely.
#ufw allow ssh >> to allow ssh
#ufw allow 2222/tcp >>allow custom pot for ssh
Allow HTTP and HTTPS:
#sudo ufw allow 80/tcp >> allow 80 port for the http
#sudo ufw allow 443/tcp >> allow 443 port for the https
Allow Specific Ports or Applications in UFW
#ufw allow 3306/tcp >>Allow MySQL Port
#ufw allow from 192.168.1.100 >> Allow traffic from specific IP
Step 5
Enable UFW After setting the rules:
#ufw enable >>to activate the UFW firewall and start enforcing all the rules you have configured.
#ufw status verbose >>display detailed information about the current UFW (Uncomplicated Firewall) configuration.
