Looking for a guide on how to install UFW on a Ubuntu 18.04 server? We can help you.

Uncomplicated Firewall or UFW provides an interface to manage the iptables firewall easily.

A firewall protects the server and the interconnected network from the dangers that exist on the Internet.

At Bobcares, we install a firewall in servers during the initial server setup, as part of our Server Management Services.

Today, let’s take a look at how our Support Engineers install UFW in a Ubuntu 18.04 server.


A brief look at UFW

Before getting into the installation part, let’s see what is UFW.

As we all know, firewalls prevent unauthorized access to a server by monitoring incoming and outgoing traffic.

Iptables is one such firewall that is highly flexible and configurable. But, users often find it complicated to use and maintain.

And, there comes the use of UFW, which functions as a front-end interface for the iptables. It provides an easy-to-use interface and simplifies the complicated iptables commands.


How we installed UFW in Ubuntu 18.04?

UFW comes pre-installed in Ubuntu servers.

But, one of our customers approached us with a request. He accidentally uninstalled the UFW from his Ubuntu server and, he wanted to install it back on his server.

Our Support Engineers first updated the Ubuntu package manager and installed UFW using the commands,

apt update
apt install ufw

Then, we checked the status of UFW using the command,

ufw status

But, the output showed that UFW is in an inactive state. So, to enable it, we used the command,

ufw enable

Thus the UFW firewall was activated in the server. Next, let’s see some important details to consider further.


A common warning message in the UFW installation

Enabling the UFW always shows the warning message, “command may disrupt existing connections”.

This is because, by default, UFW blocks all incoming connections and allows all outgoing connections.

So, if a user tries to access the server, he will not be able to connect, unless we open the respective ports.


Managing the UFW firewall

In order to use UFW, it’s important to know how to manage it. Let’s have a look at it.


Allow SSH

As SSH is a commonly used way to connect to a server, first we open the port it uses. So the command we use is,

ufw allow ssh

We can also specify the port number instead of the service name.


Allow other services & ports

Similarly, to allow connections to different ports, we use the command,

ufw allow service_name/port_number

Using the service name opens default ports. So if we use a custom port, we specify the port number.


To allow a port range

UFW also allows access to multiple ports. But, for allowing port ranges, we need to specify the protocol used. That is TCP or UDP.

ufw allow port_range/protocol


Allow IP address

To allow connection from a particular IP address, we use,

ufw allow from xx.xx.xx.xx

Similarly, we can specify the port to which the IP can connect. And the command usage is,

ufw allow from xx.xx.xx.xx to any port 22


To allow connections to a specific network interface

Here we can create a rule that is applicable for a specific interface, say eth0.

ufw allow in on eth0 to any port 80


Check status

The UFW status after enabling ports appears as,

How to install ufw on Ubuntu 18.04

The output shows UFW as active and lists the added rules.


Deny connection

To deny any connections from a particular port or IP address, we use the commands,

ufw deny service_name/port_number/IP_address


Delete rules

Whereas, to delete any added rule, we first list the rules using the command,

ufw status numbered

The output appears as,

Status: active

      To                           Action          From
      --                           -----           ----
[ 1]  22/tcp                       ALLOW           Anywhere
[ 2]  Nginx HTTP                   ALLOW           Anywhere
[ 3]  22/tcp (v6)                  ALLOW           Anywhere (v6)
[ 4]  Nginx HTTP (v6)              ALLOW           Anywhere (v6)

To delete the second rule, we use the command,

ufw delete 2

Alternatively, we can delete the rule by specifying the added rule, that is,

ufw delete allow http


Disable and reset the UFW

If a user doesn’t want to use UFW, we ask them to use any other firewall for security and disable UFW for them. For this, we use the command,

ufw disable

Whereas, if a user wants to reset it to default policies, we use the command,

ufw reset


[Need assistance in setting up a firewall in Linux servers? – We’ll help you.]



In today’s article, we discussed how our Support Engineers easily installed UFW in the Ubuntu 18.04 server. We also saw different ways to manage a UFW firewall.


Source link


Write A Comment