UFW firewall installation on Ubuntu

Every computer connect to internet should have firewall (Uncomplicated Firewall). Luckily there’s a super easy one in Ubuntu that can be set up in just few clicks.

First check the status

root@vmware:/# ufw status
Status: inactive

Firewall is disabled at the moment.
First make sure you enable services that you know you’ll be using – in most cases this will be SSH and Apache.

root@vmware:/# ufw allow 'Apache Full'
Rules updated
Rules updated (v6)
root@vmware:/# ufw allow 'OpenSSH'
Rules updated
Rules updated (v6)

Now that you have enabled SSH you can also enable the firewall.

root@vmware:/# ufw enable
Command may disrupt existing ssh connections. Proceed with operation (y|n)? y
Firewall is active and enabled on system startup

You can easily view list of active rules like this

root@vmware:/# ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Apache Full                ALLOW IN    Anywhere                  
[ 2] OpenSSH                    ALLOW IN    Anywhere                  
[ 3] Apache Full (v6)           ALLOW IN    Anywhere (v6)

How to enable custom SSH port

In many cases you won’t use the default SSH port, but rather something like 2020, in that case, you need to do this

root@vmware:/# ufw allow 2020/tcp
Rule added
Rule added (v6)

How to block an IP address

If you want to block an IP address, you need to make sure to place this rule at very top of the list. UFW looks through the list and it stops after it finds first match. That means adding an IP at the bottom of the list won’t prevent it from accessing Apache port.
Here is the right way to do it

root@vmware:/# ufw insert 1 deny from 12.12.12.12
Rule inserted
root@vmware:/# ufw status
Status: active

To                         Action      From
--                         ------      ----
Anywhere                   DENY        12.12.12.12               
Apache Full                ALLOW       Anywhere                  
OpenSSH                    ALLOW       Anywhere

Now you can be 100% sure that 12.12.12.12 can’t access port on your Ubuntu.

How to delete a rule

You need to do a numbered list first.

root@vmware:/# ufw status numbered
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   DENY IN     12.12.12.12               
[ 2] Apache Full                ALLOW IN    Anywhere                  
[ 3] OpenSSH                    ALLOW IN    Anywhere                    
[ 4] 2020/tcp                   ALLOW IN    Anywhere                  
[ 5] 2020/tcp (v6)              ALLOW IN    Anywhere (v6)

Lets say you want to remove the 3th rule, access to OpenSSH ( port 22 ), then you do

root@vmware:/# ufw delete 3

How to enable remote MySQL connect

root@vmware:/# ufw allow 3306/tcp
Rule added
Rule added (v6)

Write a Comment

Comment

Webmentions

  • kamagra přes noc online 2016-12-27

    hotovost za kamagra

    kamagra porovnat cenu cvs

  • get xifaxan australia price 2016-12-27

    buy xifaxan generic overnight shipping

    xifaxan in canada

  • purchase rifaximin australia where to buy 2016-12-27

    ordering rifaximin price new zealand

    canadian womens rifaximin vs united states rifaximin

  • buying avodart buy online usa 2016-12-27

    how to order avodart uk where buy

    how to buy avodart without recipe

  • get staxyn generic alternatives 2016-12-27

    how to buy staxyn uk where buy

    how to order staxyn generic vs brand name

  • discount itraconazole buy online canada 2016-12-27

    cheap itraconazole uk cheapest

    purchase itraconazole uk pharmacy

  • cheapest gabapentin anywhere 2016-12-27

    buy cheap gabapentin buy online canada

    get gabapentin generic available

  • ordering fildena generic pharmacy canada 2016-12-27

    how to buy fildena generic germany

    buying fildena purchase singapore

  • cheapest buy dutasteride purchase online from india 2016-12-27

    how to order dutasteride price from cvs

    how to buy dutasteride usa suppliers

  • cheapest buy flexeril cyclobenzaprine cheap in canada 2016-12-27

    online order flexeril cyclobenzaprine generic uk next day delivery

    cheap flexeril cyclobenzaprine price prescription

  • buy cheap androxal generic next day delivery 2016-12-27

    cheapest buy androxal cost on prescription

    how to buy androxal usa online pharmacy

  • kamagra c.o.d. 2016-12-27

    kamagra hong kong où acheter

    kamagra au mexique sans ordonnance

  • order enclomiphene generic overnight delivery 2016-12-27

    buy enclomiphene cost insurance

    enclomiphene no prescriptions needed cod