In this tutorial, we will show you how to setup UFW Firewall on Ubuntu 18.04 LTS. For those of you who didn’t know, The default firewall configuration tool for Ubuntu is ufw. Developed to ease iptables firewall setup, ufw provides a user-friendly way to produce an IPv4 or IPv6 host-based antivirus. By default UFW is disabled.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo
‘ to the commands to get root privileges. I will show you the step-by-step installation UFW Firewall on an Ubuntu 18.04 Bionic Beaver server.
Prerequisites
- A server running one of the following operating systems: Ubuntu 18.04, and any other Debian-based distribution like Linux Mint or elementary OS.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo user
or access to theroot user
. We recommend acting as anon-root sudo user
, however, as you can harm your system if you’re not careful when acting as the root.
Setup UFW Firewall on Ubuntu 18.04 LTS Bionic Beaver
Step 1. First, make sure that all your system packages are up-to-date by running the following apt-get
commands in the terminal.
sudo apt-get update sudo apt-get upgrade
Step 2. Installing UFW Firewall on Ubuntu 18.04 LTS.
In Ubuntu 18.04, UFW is installed by default. If not, you can easily install it by running the following command:
apt-get install ufw
To check whether ufw is running run:
systemctl status ufw
After installation, UFW is deactivated. If you configure your server via SSH, it is important to release SSH before you enable UFW:
ufw allow ssh
Step 3. UFW control.
Turn on:
ufw enable
Turn off:
ufw disable
Attention! The following are examples, please use them only if you know what you are doing!
Allow protocol:
ufw allow ssh
Allow port:
ufw allow 22
Allow Port Ranges:
ufw allow 1000:2000
Prohibit connections:
Deny protocol:
ufw deny ssh
Deny port:
ufw deny 22
To see all services that can be allowed or denied in the system check out the /etc/services
file:
$ cat /etc/services | less
Sample output:
ftp-data 20/tcp ftp 21/tcp fsp 21/udp fspd ssh 22/tcp # SSH Remote Login Protocol ssh 22/udp telnet 23/tcp smtp 25/tcp mail time 37/tcp timserver time 37/udp timserver rlp 39/udp resource # resource location nameserver 42/tcp name # IEN 116 whois 43/tcp nicname tacacs 49/tcp # Login Host Protocol (TACACS) tacacs 49/udp re-mail-ck 50/tcp # Remote Mail Checking Protocol re-mail-ck 50/udp domain 53/tcp # Domain Name Server domain 53/udp
For more usage commands you can use the –help flag:
ufw --help
Step 4. Managing UFW via a graphical user interface (GUI).
Install gufw package if you wish to manage our UFW firewall via the graphical user interface application:
apt install gufw
Once installed, start Gufw by searching your start menu:
Congratulations! You have successfully install and setup UFW. Thanks for using this tutorial for installing UFW Firewall on your Ubuntu 18.04 Bionic Beaver system. For additional help or useful information, we recommend you check the official UFW Firewall website.