Configure a Firewall with UFW (Linux)
A firewall is essential to block unauthorized access to your server. UFW (Uncomplicated Firewall) is user-friendly and perfect for beginners.
1. Install UFW
Ubuntu/Debian:
sudo apt update
sudo apt install ufwCentOS/RHEL/Fedora: UFW is not available by default — use firewalld or iptables instead.
2. Set default rules
sudo ufw default deny incoming
sudo ufw default allow outgoingThis blocks all incoming traffic by default but allows outgoing connections.
3. Allow required ports
Open ports needed by your services:
sudo ufw allow 22– SSHsudo ufw allow 80– HTTPsudo ufw allow 443– HTTPS
To allow a custom port (e.g., for changed SSH port):
sudo ufw allow 22224. Enable UFW
sudo ufw enableConfirm with “y” – your firewall is now active.
5. Check firewall status
sudo ufw status verboseDisplays the current firewall configuration.
6. Remove or modify rules
sudo ufw delete allow 22
sudo ufw deny 3306Use these to remove or block specific ports.
Warning for remote servers
Don't lock yourself out! Make sure SSH (port 22 or custom) is allowed before enabling the firewall.
Conclusion
With UFW, you've configured a simple yet powerful firewall. It adds an important layer of protection to your Linux server.
Tags: Linux, UFW, Firewall, Security, Server, Port
