A proper UFW Firewall Setup is one of the first security steps every Ubuntu administrator should complete after deploying a server. Whether you manage a VPS, cloud instance, or local Linux machine, configuring a firewall helps block unauthorized traffic while allowing trusted connections.
Ubuntu includes UFW, short for Uncomplicated Firewall, as a simplified way to manage Linux firewall rules. Instead of working directly with complex iptables commands, UFW offers a cleaner and easier interface.
In this guide, you’ll learn how to install, enable, and manage UFW on Ubuntu 24.04 using practical examples.
A firewall acts as a security filter between your server and external traffic. Without one, open services may become visible to attackers scanning the internet for weak systems.
UFW simplifies firewall administration by allowing you to create readable rules such as allowing SSH, blocking IP addresses, or opening web server ports.
Most Ubuntu servers already include UFW, but it may not be enabled by default.
Before configuring rules, update your package list and install UFW if needed:
sudo apt updatesudo apt install ufw
Next, check the firewall status:
sudo ufw status verbose
If UFW has not been activated yet, the output will show the firewall as inactive.
Before enabling the firewall on a remote server, you must allow SSH traffic. Otherwise, you could accidentally lock yourself out.
Allow SSH connections with:
sudo ufw allow ssh
If your SSH service uses a custom port, specify it manually:
sudo ufw allow 7722/tcp
Now enable the firewall:
sudo ufw enable
Ubuntu will warn that existing SSH connections may be interrupted. Confirm by typing y.
You can allow services either by port number or application profile.
To allow HTTP traffic:
sudo ufw allow 80/tcp
To allow HTTPS:
sudo ufw allow 443/tcp
If Nginx is installed, you can use built-in profiles:
sudo ufw allow 'Nginx Full'
You can also allow a range of ports:
sudo ufw allow 7000:7100/tcp
This is useful for gaming servers, VoIP services, or custom applications.
UFW also supports blocking suspicious IP addresses or networks.
To deny all traffic from a specific subnet:
sudo ufw deny from 192.168.1.0/24
You can additionally restrict access to a single service:
sudo ufw allow from 10.0.0.5 to any port 22
These rules improve server security by limiting who can access sensitive services.
To display numbered firewall rules:
sudo ufw status numbered
Delete a rule using its number:
sudo ufw delete 2
You can also disable or completely reset the firewall:
sudo ufw disable
sudo ufw reset
A reset removes all active firewall rules and disables UFW.
A secure UFW Firewall Setup helps protect Ubuntu 24.04 servers from unauthorized access and unnecessary exposure. By allowing only required services such as SSH, HTTP, and HTTPS, you reduce the attack surface and improve overall system security.
Because UFW uses simple commands and readable syntax, it remains one of the best firewall tools for Linux beginners and experienced administrators alike.
Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…
Introduction A self-signed SSL certificate is a certificate that is created and signed by the…
Introduction Debugging is an important part of Bash scripting. When a script does not work…
Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…
Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…
Introduction The grep, awk, and sed commands are powerful text-processing tools in Linux. They are…