UFW Firewall Setup on Ubuntu 24.04 Made Easy

A proper UFW Firewall Setup is one of the first security steps every Ubuntu administrator should complete after deploying a server. Whether you manage a VPS, cloud instance, or local Linux machine, configuring a firewall helps block unauthorized traffic while allowing trusted connections.

Ubuntu includes UFW, short for Uncomplicated Firewall, as a simplified way to manage Linux firewall rules. Instead of working directly with complex iptables commands, UFW offers a cleaner and easier interface.

In this guide, you’ll learn how to install, enable, and manage UFW on Ubuntu 24.04 using practical examples.

Why UFW Matters for Ubuntu Security

A firewall acts as a security filter between your server and external traffic. Without one, open services may become visible to attackers scanning the internet for weak systems.

UFW simplifies firewall administration by allowing you to create readable rules such as allowing SSH, blocking IP addresses, or opening web server ports.

Most Ubuntu servers already include UFW, but it may not be enabled by default.

Install and Verify UFW Firewall Setup

Before configuring rules, update your package list and install UFW if needed:

sudo apt updatesudo apt install ufw

Next, check the firewall status:

sudo ufw status verbose

If UFW has not been activated yet, the output will show the firewall as inactive.

UFW Firewall Setup for SSH Access

Before enabling the firewall on a remote server, you must allow SSH traffic. Otherwise, you could accidentally lock yourself out.

Allow SSH connections with:

sudo ufw allow ssh

If your SSH service uses a custom port, specify it manually:

sudo ufw allow 7722/tcp

Now enable the firewall:

sudo ufw enable

Ubuntu will warn that existing SSH connections may be interrupted. Confirm by typing y.

Open Ports with UFW

You can allow services either by port number or application profile.

To allow HTTP traffic:

sudo ufw allow 80/tcp

To allow HTTPS:

sudo ufw allow 443/tcp

If Nginx is installed, you can use built-in profiles:

sudo ufw allow 'Nginx Full'

You can also allow a range of ports:

sudo ufw allow 7000:7100/tcp

This is useful for gaming servers, VoIP services, or custom applications.

Restrict Access with UFW Rules

UFW also supports blocking suspicious IP addresses or networks.

To deny all traffic from a specific subnet:

sudo ufw deny from 192.168.1.0/24

You can additionally restrict access to a single service:

sudo ufw allow from 10.0.0.5 to any port 22

These rules improve server security by limiting who can access sensitive services.

Managing Existing Firewall Rules

To display numbered firewall rules:

sudo ufw status numbered

Delete a rule using its number:

sudo ufw delete 2

You can also disable or completely reset the firewall:

sudo ufw disable

sudo ufw reset

A reset removes all active firewall rules and disables UFW.

Conclusion

A secure UFW Firewall Setup helps protect Ubuntu 24.04 servers from unauthorized access and unnecessary exposure. By allowing only required services such as SSH, HTTP, and HTTPS, you reduce the attack surface and improve overall system security.

Because UFW uses simple commands and readable syntax, it remains one of the best firewall tools for Linux beginners and experienced administrators alike.