How VPS - How to use/setup VPS
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
  • Home
  • Management guides
    • Web servers software
      • Directadmin
      • Hocvps Script
      • Centmin Mod
      • CWP
      • Kloxo-MR
      • Plesk
    • Control Panels
    • Securing VPS/Servers
      • SSL Certificates
      • Upgrading
      • Authentication
  • Operating System
    • CentOS
    • Fedora
    • Debian
    • Linux
    • Arch
    • BSD
    • CoreOS
  • Reviews
  • Coupon
    • Domain Coupon
    • Hosting Coupon
No Result
View All Result
How VPS - How to use/setup VPS
No Result
View All Result
Home VPS/Servers management guides

How to Configure Firewall with UFW on Ubuntu 18.04

How VPS by How VPS
November 2, 2018
in VPS/Servers management guides
0
0
SHARES
14
VIEWS
Share on FacebookShare on Twitter

Contents

  1. Step 1: Set Up Default Policies
  2. Step 2: Allow SSH Connections
  3. Step 3: Allow Specific Incoming Connections
  4. Step 4: Deny Incoming Connections
  5. Step 5: Enabling UFW
  6. Step 6: Check Status of UFW
  7. Conclusion
  8. Check out these top 3 VPS services:
    1. Was this article helpful?

Uncomplicated Firewall or UFW is an interface to iptables that is designed to simplify the process of configuring a firewall. While iptables is a firm and flexible tool, it can be sometimes tricky for beginners to learn how to use it to properly configure a firewall. If a user is looking to get started securing his or her network, UFW may be the appropriate solution.

In this guide, we will learn how to configure firewall with UFW on Ubuntu 18.04.

Step 1: Set Up Default Policies

UFW is installed on Ubuntu by default. If it has been uninstalled for some reason, we can install it with the following command.

$ sudo apt install ufw

By default, UFW denies all incoming connections and allows all outgoing connections. It means that a client trying to reach our server would not be able to connect. When an application from our server tries to connect any other server outside, it will be allowed. The following commands serve the purpose.

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing

Step 2: Allow SSH Connections

By default we have restricted all the incoming connections to our server as we can see in our previous step. To allow connections using secured SSH, we will use the following command.

$ sudo ufw allow ssh

The above command will create firewall rules that will allow all connections on port 22, which is the default port on which the SSH daemon listens. The UFW listens to port listed in the file file /etc/services.

If SSH daemon is configured on a port other than the default, we can specify that in our command to listen to that port. The following command listens to port 2222 in case if SSH is configured by us on it.

We can also specify protocol (tcp or udp) in our above command. It is optional. The above command is used for both protocols.

$ sudo ufw allow 2222

Step 3: Allow Specific Incoming Connections

To allow incoming connections on a specific port, we will use following commands to specify rule for UFW. For e.g., if we want our server to listen to HTTP on port 80, below is the command to execute.

$ sudo ufw allow http

It is equivalent to the following

$ sudo ufw allow 80

We can use any of the above for port 80. For HTTPS, any of the following commands will serve the purpose to allow to connect.

$ sudo ufw allow https

Or

$ sudo ufw allow 443

We can specify a range of ports also, means more than one port. One thing to note is that we must specify protocol in the command (tcp or udp). The following command allows connections from ports 6000 to 6003 for both tcp and udp.

$ sudo ufw allow 6000:6003/tcp
$ sudo ufw allow 6000:6003/udp

Step 4: Deny Incoming Connections

Sometimes we want to deny specific connections based on the source IP address. It is so because we sometimes know that our server is being attacked from there. So we will create a deny rule for the specific IP address. The following command denies connection from an IP address 203.0.123.5

$ sudo ufw deny from 203.0.123.5

Step 5: Enabling UFW

After all the UFW configurations, next step is to enable it. The following command serves the purpose.

$ sudo ufw enable

We will see a warning message after executing the above command. It will say that the command may disrupt existing SSH connections. But in this case, we have already set up a firewall rule that allows SSH connections, so it will not disrupt our configuration. We will enter y and hit ENTER key to apply. The firewall settings are applied now.

Step 6: Check Status of UFW

We can check the status with the following command.

$ sudo ufw status verbose

The following is the output when it is inactive.

Status: inactive

In our case, it is active so the following will be output and results.

Status: active
To                             Action      From

--                             ------          ----

22                             ALLOW IN    Anywhere
80                             ALLOW IN    Anywhere
443                        ALLOW IN    Anywhere
2222                       ALLOW IN    Anywhere
6000:6003/tcp              ALLOW IN        Anywhere
6000:6003/udp              ALLOW IN        Anywhere
Anywhere                       DENY            203.0.123.5

Conclusion

In this article, we have configured firewall with the help of powerful UFW tool. With it’s help, we have defined SSH, HTTP and HTTPS incoming connections to be allowed. We have also specified a rule to deny incoming connection from a specific IP address. We can also check the status of our rules which we have created.

Check out these top 3 VPS services:

0

Was this article helpful?

Submit
How VPS

How VPS

Related Posts

What is a cloud server and how does it work?
VPS/Servers management guides

What is a cloud server and how does it work?

February 5, 2020
How to manage your VPS without cPanel?
VPS/Servers management guides

How to manage your VPS without cPanel?

February 5, 2020
How to install Snort on CentOS
VPS/Servers management guides

How to install Snort on CentOS 7?

February 7, 2020
Next Post
How to install Htop on Linux

Install Htop 2.0 - Linux Process Monitoring for RHEL, CentOS & Fedora

Obtain a Commercially Signed TLS Certificate

Obtain a Commercially Signed TLS Certificate

Introduction to FirewallD on CentOS

Introduction to FirewallD on CentOS

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 121 Followers
  • 87.2k Followers

Recommended

Install Tiki Wiki CMS Groupware on CentOS 7

3 years ago

How to Install MODX Revolution on a CentOS 7 LAMP VPS

3 years ago

How to Install Grav CMS on FreeBSD 11

4 years ago

How to Alter PHP Apache Module Configuration Settings

4 years ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

Topics

Apache Web Server Bluehost Review 2019 Bluehost Review 2020 Bluehost Review 2021 Centmin Mod CentminMod centos install htop fsck htop install HTTP DoS attack Install Snort on an Ubuntu install Zabbix on CentOS install Zabbix on CentOS 7 Linux Commands linux guide linux install htop linux vps setup guide MariaDB MariaDB Error Mysql mysqld error optimize MariaDB optimize Mysql snort Ubuntu
No Result
View All Result

Highlights

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Webmin Reviews

Virtualmin Reviews

CentOS Web Panel Reviews

Ajenti Reviews

ISPConfig Reviews

Trending

Failed to download metadata for repo 'appstream' on Centos 8
CentOS

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

by How VPS
February 25, 2022
0

I tried to update some extensions by use yum on centOs which I specified in Dockerfile. After...

How to Fix MySQL Error "Plugin 'InnoDB' registration as a STORAGE ENGINE failed"?

How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”?

November 17, 2020
How to optimize Mysql or MariaDB

How to optimize Mysql or MariaDB

November 3, 2020
Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

Top Free Web Hosting Control Panels To Manage VPS/Dedicated Servers

February 17, 2020
Webmin Reviews

Webmin Reviews

February 17, 2020
How VPS – How to use/setup VPS

We bring you the best Premium WordPress Themes that perfect for news, magazine, personal blog, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8 February 25, 2022
  • How to Fix MySQL Error “Plugin ‘InnoDB’ registration as a STORAGE ENGINE failed”? November 17, 2020
  • How to optimize Mysql or MariaDB November 3, 2020

Categories

  • Arch
  • Authentication
  • Backups
  • BSD
  • Centmin Mod
  • CentOS
  • Control Panels
  • CoreOS
  • CWP
  • Debian
  • Directadmin
  • Encryption
  • Fedora
  • Firewalls
  • Hocvps Script
  • Hosting providers
  • Kloxo-MR
  • Linux
  • Mitigations
  • Operating System
  • Plesk
  • Reviews
  • Securing VPS/Servers
  • Security Patches
  • SSL Certificates
  • Uncategorized
  • Upgrading
  • VPS/Servers management guides
  • Vulnerability Detection
  • Web servers software
  • Webhosting Control Panel

[mc4wp_form]

© 2018 JNews - City News Magazine WordPress theme. All rights belong to their respective owners.
JNews is a top selling 2018 WordPress News, Blog, Newspaper & Magazine Theme.

No Result
View All Result
  • Home

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.