A proper UFW Firewall Setup is one of the first security steps every Ubuntu administrator should complete after deploying a server. Whether you manage a VPS, cloud instance, or local Linux machine, configuring a firewall helps block unauthorized traffic while allowing trusted connections.
Ubuntu includes UFW, short for Uncomplicated Firewall, as a simplified way to manage Linux firewall rules. Instead of working directly with complex iptables commands, UFW offers a cleaner and easier interface.
In this guide, you’ll learn how to install, enable, and manage UFW on Ubuntu 24.04 using practical examples.
A firewall acts as a security filter between your server and external traffic. Without one, open services may become visible to attackers scanning the internet for weak systems.
UFW simplifies firewall administration by allowing you to create readable rules such as allowing SSH, blocking IP addresses, or opening web server ports.
Most Ubuntu servers already include UFW, but it may not be enabled by default.
Before configuring rules, update your package list and install UFW if needed:
sudo apt updatesudo apt install ufw
Next, check the firewall status:
sudo ufw status verbose
If UFW has not been activated yet, the output will show the firewall as inactive.
Before enabling the firewall on a remote server, you must allow SSH traffic. Otherwise, you could accidentally lock yourself out.
Allow SSH connections with:
sudo ufw allow ssh
If your SSH service uses a custom port, specify it manually:
sudo ufw allow 7722/tcp
Now enable the firewall:
sudo ufw enable
Ubuntu will warn that existing SSH connections may be interrupted. Confirm by typing y.
You can allow services either by port number or application profile.
To allow HTTP traffic:
sudo ufw allow 80/tcp
To allow HTTPS:
sudo ufw allow 443/tcp
If Nginx is installed, you can use built-in profiles:
sudo ufw allow 'Nginx Full'
You can also allow a range of ports:
sudo ufw allow 7000:7100/tcp
This is useful for gaming servers, VoIP services, or custom applications.
UFW also supports blocking suspicious IP addresses or networks.
To deny all traffic from a specific subnet:
sudo ufw deny from 192.168.1.0/24
You can additionally restrict access to a single service:
sudo ufw allow from 10.0.0.5 to any port 22
These rules improve server security by limiting who can access sensitive services.
To display numbered firewall rules:
sudo ufw status numbered
Delete a rule using its number:
sudo ufw delete 2
You can also disable or completely reset the firewall:
sudo ufw disable
sudo ufw reset
A reset removes all active firewall rules and disables UFW.
A secure UFW Firewall Setup helps protect Ubuntu 24.04 servers from unauthorized access and unnecessary exposure. By allowing only required services such as SSH, HTTP, and HTTPS, you reduce the attack surface and improve overall system security.
Because UFW uses simple commands and readable syntax, it remains one of the best firewall tools for Linux beginners and experienced administrators alike.
Journalists use OSINT to verify public information before publishing. In 2026, misinformation, AI-generated images, fake…
Docker is an open-source platform that lets you package and run applications inside containers. Each container…
PostgreSQL (often called Postgres) is an open-source relational database system. It supports advanced features like JSON…
Xrdp is an open-source server that lets you connect to your Ubuntu machine from another computer…
Apache Tomcat is an open-source web server and Java servlet container. It is one of the…
Keeping your Ubuntu system updated is one of the best ways to protect it. Security…