UFW Firewall Setup on Ubuntu 20.04: Complete Security Guide

A proper UFW Firewall Setup is one of the most important steps when securing an Ubuntu server. Firewalls help control incoming and outgoing network traffic by allowing approved connections and blocking unwanted access. On Ubuntu 20.04, the Uncomplicated Firewall (UFW) provides a simple way to manage firewall rules without dealing directly with complex networking configurations.

Whether you’re running a web server, database, or personal Linux machine, understanding UFW can significantly improve your system’s security posture.

What Is UFW and Why Use It?

UFW, short for Uncomplicated Firewall, is a user-friendly firewall management tool available on Ubuntu. It serves as a simplified interface for managing underlying firewall rules while making security administration easier for Linux users.

The primary goal of UFW is to reduce complexity while still offering powerful traffic filtering capabilities. This makes it suitable for both beginners and experienced administrators.

Key Benefits of UFW

• Easy-to-understand command syntax
• Improved server security
• Quick port management
• Support for IPv4 and IPv6
• Integration with common applications and services

UFW Firewall Setup and Installation

In most Ubuntu 20.04 installations, UFW comes pre-installed. If it is missing, you can install it using the package manager:

sudo apt updatesudo apt install ufw

After installation, verify its current status:

sudo ufw status verbose

A newly installed system typically shows the firewall as inactive.

UFW Firewall Setup Default Policies

Before enabling the firewall, it is important to understand its default behavior.

By default:

• Incoming traffic is blocked
• Forwarded traffic is blocked
• Outgoing traffic is allowed

This configuration provides a secure starting point because external connections are denied unless explicitly permitted.

Allowing Essential Services

If you manage a server remotely, always allow SSH access before activating the firewall. Otherwise, you could lock yourself out of the system.

sudo ufw allow ssh

You can also permit web traffic:

sudo ufw allow 80/tcpsudo ufw allow 443/tcp

For installed applications, UFW supports predefined profiles:

sudo ufw app list

These profiles simplify rule management for services such as Nginx and OpenSSH.

Enabling and Managing Firewall Rules

Once required services are allowed, activate UFW:

sudo ufw enable

To view active rules:

sudo ufw status numbered

UFW also supports advanced rule creation.

Allow Access from a Specific IP

sudo ufw allow from 192.168.1.100

Open a Port Range

sudo ufw allow 7000:7100/tcp

Block Unwanted Connections

sudo ufw deny from 203.0.113.0/24

These options provide granular control over who can access your system and which services remain exposed.

Advanced Features and Maintenance

UFW supports network address translation (NAT), IP forwarding, subnet filtering, and interface-specific rules. These features make it suitable for VPN gateways, routers, and enterprise environments.

If you need to remove a rule, use:

sudo ufw delete <rule-number>

To temporarily disable the firewall:

sudo ufw disable

For a complete reset:

sudo ufw reset

Conclusion

A well-planned UFW Firewall Setup is essential for protecting Ubuntu 20.04 systems against unauthorized access and network-based threats. By configuring sensible default policies, allowing only necessary services, and regularly reviewing firewall rules, administrators can significantly strengthen server security. Whether you’re managing a personal VPS or a production environment, UFW Firewall Setup offers a reliable and straightforward way to maintain a secure Linux infrastructure.