Install & Configure UFW Firewall on Ubuntu Server

Securing a server starts with controlling which network connections it accepts, and a firewall is one effective way to do that on Ubuntu. This guide walks through installing and configuring the Uncomplicated Firewall (UFW) on Ubuntu Server 20.04 LTS. UFW is a user-friendly front end to the Linux kernel's Netfilter subsystem that makes it easier for administrators to define packet-filtering rules.

Prerequisites

Before we begin, ensure that you have the following prerequisites in place:

  1. An Ubuntu 20.04 LTS server with a non-root user account.
  2. UFW installed on your server. If it is not installed, you can install it by running the following commands:

     sudo apt update
     sudo apt install ufw

1. Setting Up Default UFW Policies

To get started, we will set up the default policies for UFW. These policies determine how UFW handles incoming and outgoing connections. By default, UFW denies all incoming connections and allows all outgoing connections. This provides a secure starting point for your firewall. To configure these default policies, run the following commands:

sudo ufw default deny incoming
sudo ufw default allow outgoing

With these defaults, incoming connections are blocked unless a rule explicitly allows them, while the server can still open outgoing connections.

2. Enabling SSH Connections

SSH (Secure Shell) is a widely used protocol for secure remote access to servers. To allow SSH connections through UFW, you need to allow the SSH port (default is port 22). Run the following command to allow SSH connections:

sudo ufw allow ssh

The ssh service name refers to the standard port 22. If your SSH daemon is running on a different port, allow that port number instead:

sudo ufw allow <port>/tcp

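Replace <port> with the desired port number. Add this rule before enabling UFW: with the default deny policy for incoming traffic, enabling the firewall without it can lock you out of a remote session. Once you have allowed SSH connections, you can proceed to enable UFW.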

3. Enabling UFW

To enable UFW and activate the firewall, run the following command:

sudo ufw enable

You will be prompted to confirm the action. Type “y” and press Enter to proceed. Once enabled, UFW will start enforcing the defined firewall rules. To check the status of UFW, use the following command:

sudo ufw status

The output will display the current status and the rules that have been set.

4. Allowing Other Connections

Depending on the services and applications running on your server, you may need to allow additional connections through UFW. Here are some examples of how to allow specific connections:

  • HTTP (port 80): sudo ufw allow 80/tcp
  • HTTPS (port 443): sudo ufw allow 443/tcp
  • Custom Port Range: sudo ufw allow <start_port>:<end_port>/tcp

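Replace <start_port> and <end_port> with the desired range of ports. A port range must name the protocol (tcp or udp). For a single port, omitting the protocol opens it for both TCP and UDP, so specify the protocol to keep each rule as narrow as the service needs.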

5. Denying Connections

In some cases, you may want to deny specific connections based on certain criteria. UFW allows you to block connections using deny rules. Here are some examples:

  • Deny HTTP connections: sudo ufw deny http
  • Deny specific IP address: sudo ufw deny from <IP_address>

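Replace <IP_address> with the IP address you want to block. A deny rule can also be narrowed to a specific port or protocol. UFW evaluates rules in order and applies the first match, so a deny rule that sits after a broader allow rule for the same traffic has no effect; it must come before that allow rule.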

6. Deleting UFW Rules

If you need to remove a rule from UFW, you can delete it using the rule number or the actual rule itself. To delete a rule by rule number, first, list all the rules with their corresponding numbers:

sudo ufw status numbered

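Identify the rule number you want to delete, then use the following command to remove it. Rule numbers are reassigned after each deletion, so list the rules again before deleting another one: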

sudo ufw delete <rule_number>

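If you prefer to delete a rule by its specification rather than its number, use the following command:

sudo ufw delete <rule>

Replace <rule> with the rule you want to delete, written the same way as when you added it (the allow or deny action followed by the port or address). Deleting rules allows you to fine-tune your firewall configuration.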

7. Disabling UFW

If you need to temporarily disable UFW, you can do so by running the following command:

sudo ufw disable

This command will stop UFW and disable it from starting on system boot. To re-enable UFW, use the command:

sudo ufw enable

This will activate UFW with the previously configured rules.

8. Checking UFW Status and Logs

To check the status of UFW and view the rules that are currently in effect, use the following command:

sudo ufw status verbose

This command provides a detailed output, including the current status, logging settings, default policies, and active rules.
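A check for the baseline built in steps 1 to 3, as an added example that is not part of the original guide: the function reads `ufw status verbose` output on stdin and fails if the firewall is inactive, the incoming default is not deny or reject, or no allow rule covers the SSH port. The function name and both sample outputs are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: audit `ufw status verbose` output against the baseline from steps 1-3.
# Live use: sudo ufw status verbose | audit_ufw_baseline 22

audit_ufw_baseline() {
    # $1: TCP port sshd listens on (default 22). Status text is read from stdin.
    awk -v port="${1:-22}" '
        /^Status: active/                           { active = 1 }
        /^Default:/ && /(deny|reject) \(incoming\)/ { inbound_closed = 1 }
        # Rule rows start with the port, e.g. "22/tcp   ALLOW IN   Anywhere".
        ($1 == port || $1 == port "/tcp") && / (ALLOW|LIMIT)( IN)? / { ssh_open = 1 }
        END {
            bad = 0
            if (!active)         { print "FAIL: firewall is not active"; bad = 1 }
            if (!inbound_closed) { print "FAIL: default incoming policy is not deny/reject"; bad = 1 }
            if (!ssh_open)       { print "FAIL: no allow rule for SSH on port " port; bad = 1 }
            if (!bad) print "OK: active, inbound closed by default, SSH port " port " allowed"
            exit bad
        }'
}

# Constructed sample: the state expected after steps 1-3 plus an HTTP rule.
SAMPLE_GOOD='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere'

# Constructed sample: permissive incoming default and no SSH rule.
SAMPLE_BAD='Status: active
Logging: on (low)
Default: allow (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW IN    Anywhere'

printf '%s\n' "$SAMPLE_GOOD" | audit_ufw_baseline 22
printf '%s\n' "$SAMPLE_BAD"  | audit_ufw_baseline 22 || true
```

The non-zero exit status on failure lets the check run from a provisioning script or a scheduled job.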

UFW also logs firewall activity, which can be useful for monitoring and troubleshooting purposes. The firewall logs are stored in the /var/log/ufw.log file. You can view the logs using standard log viewing tools such as less or tail. For example:

sudo tail -f /var/log/ufw.log

This command will display the last few lines of the log file and continuously update as new log entries are added.
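To turn the raw log into something reviewable, the following added example (not part of the original guide) counts `[UFW BLOCK]` entries per source address and destination port. The function name and the sample log lines are constructed; the lines follow the kernel-log key=value layout that UFW writes and use documentation address ranges.

```bash
#!/usr/bin/env bash
# Added example: count [UFW BLOCK] entries per source address and destination port.
# Live use: sudo cat /var/log/ufw.log | summarize_ufw_blocks

summarize_ufw_blocks() {
    awk '
        /\[UFW BLOCK\]/ {
            src = ""; proto = ""; dpt = ""
            # Each log entry is a run of KEY=value tokens; pick the ones we need.
            for (i = 1; i <= NF; i++) {
                if      ($i ~ /^SRC=/)   src   = substr($i, 5)
                else if ($i ~ /^PROTO=/) proto = substr($i, 7)
                else if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if (src == "") next
            key = src " " proto
            # ICMP entries carry no DPT, so they are keyed by protocol alone.
            if (dpt != "") key = key "/" dpt
            hits[key]++
        }
        END { for (k in hits) print hits[k], k }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample log lines (not taken from a real host).
SAMPLE_LOG='Mar  3 10:15:01 web01 kernel: [  101.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=51514 DPT=23 SYN URGP=0
Mar  3 10:15:02 web01 kernel: [  102.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=51515 DPT=23 SYN URGP=0
Mar  3 10:15:04 web01 kernel: [  104.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=51516 DPT=23 SYN URGP=0
Mar  3 10:16:10 web01 kernel: [  170.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=198.51.100.25 DST=198.51.100.10 LEN=430 TTL=50 PROTO=UDP SPT=5071 DPT=5060 LEN=410
Mar  3 10:17:30 web01 kernel: [  250.000001] [UFW BLOCK] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=192.0.2.99 DST=198.51.100.10 LEN=84 TTL=49 PROTO=ICMP TYPE=8 CODE=0 ID=7 SEQ=1
Mar  3 10:18:00 web01 kernel: [  280.000001] [UFW ALLOW] IN=eth0 OUT= MAC=00:00:5e:00:53:01 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 PROTO=TCP SPT=51600 DPT=22 SYN URGP=0'

printf '%s\n' "$SAMPLE_LOG" | summarize_ufw_blocks
```

Each output line is a count followed by the source address and protocol/port, with the most frequently blocked combinations first.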

Conclusion

Configuring and managing a firewall is an essential aspect of maintaining the security of your Ubuntu 20.04 LTS server. With UFW, you can easily set up and enforce firewall rules to control incoming and outgoing connections. By following the steps outlined in this guide, you can enhance the security of your server and protect it from unauthorized access.

Remember to regularly review and update your firewall rules to align with your evolving security requirements. With UFW, you have a user-friendly tool that simplifies the process of managing your firewall configuration. Stay vigilant and keep your server protected!