Introduction
UFW (Uncomplicated Firewall) is a user-friendly interface for managing iptables firewall rules on Linux systems. It's a great tool for securing your VPS by controlling incoming and outgoing traffic. This guide will cover the basics of setting up and using UFW on your Linux server.
Step-by-Step Guide
Step 1: Install UFW
Most distributions come with UFW pre-installed. If it's not installed on your system, you can install it on a Debian- or Ubuntu-based system with:
sudo apt install ufw
Step 2: Allow SSH Connections
Before enabling the firewall, you need to ensure that SSH connections are allowed, so you don't get locked out:
sudo ufw allow ssh
If you are using a different SSH port, specify it like this:
sudo ufw allow 2222/tcp
Step 3: Enable UFW
To turn on the firewall, use the following command:
sudo ufw enable
Step 4: Allow or Deny Specific Ports
- Allow a specific service by name (e.g., HTTP):
sudo ufw allow http
- Allow a specific port (when no protocol is given, the rule applies to both TCP and UDP):
sudo ufw allow 80
- Deny a specific port:
sudo ufw deny 23
Step 5: Check UFW Status and Rules
To view the status of UFW and the active rules, use:
sudo ufw status verbose
Step 6: Disable UFW
If you need to temporarily disable the firewall, run:
sudo ufw disable
Conclusion
By setting up a firewall with UFW, you've added a critical layer of security to your Linux VPS. Regularly review your firewall rules to ensure no unnecessary ports are open, thereby maintaining a robust security posture.
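The regular review recommended above can be scripted. The following is an added example, not part of the original guide: it compares the ALLOW rules in the output of the Step 5 status command against the list of ports you expect to be open. The function names, the sample output and its 3306/tcp rule are constructed for illustration, and it assumes rules written as port or port/protocol, as in this guide.

```shell
# Constructed sample of `sudo ufw status` output; 3306/tcp is a made-up extra rule.
SAMPLE_STATUS='Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80                         ALLOW       Anywhere
23                         DENY        Anywhere
3306/tcp                   ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
3306/tcp (v6)              ALLOW       Anywhere (v6)'

# stdin: ufw status text; args: expected targets (e.g. 22/tcp 80).
# Prints each ALLOW target that is not on the expected list, de-duplicated.
unexpected_allows() {
    awk -v expected="$*" '
        BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) ok[e[i]] = 1 }
        /^--/ { in_rules = 1; next }      # rules start after the dashed header
        !in_rules || NF == 0 { next }
        {
            target = ""
            for (i = 1; i <= NF; i++) {   # fields before the action form the target
                if ($i ~ /^(ALLOW|DENY|REJECT|LIMIT)$/) break
                if ($i != "(v6)") target = target (target == "" ? "" : " ") $i
            }
            if ($i == "ALLOW" && !(target in ok)) print target
        }
    ' | sort -u
}

# Returns 0 if every ALLOW rule is expected, 1 if extras exist, 2 if UFW is not active.
audit_ufw() {
    status=$(cat)
    case $status in
        "Status: active"*) ;;
        *) echo "UFW is not active"; return 2 ;;
    esac
    extra=$(printf '%s\n' "$status" | unexpected_allows "$@")
    [ -z "$extra" ] && { echo "All ALLOW rules are expected"; return 0; }
    echo "ALLOW rules not on the expected list:"
    echo "$extra"
    return 1
}

# Demo on the constructed sample, expecting only SSH (22/tcp) and port 80.
printf '%s\n' "$SAMPLE_STATUS" | audit_ufw 22/tcp 80 || echo "Review needed"
```

On a server, pipe the real output in instead: sudo ufw status | audit_ufw 22/tcp 80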
Disclaimer
Be cautious when configuring your firewall rules to prevent accidental service disruptions, especially SSH connectivity to your server.