SIGN IN / UP
    opened image

    UFW firewall setup on Ubuntu 20.04

    Nowadays, Internet security is one of the most important topics for discussion, as the number of malware, hacks and other threats is only increasing over time. As a security measure, many users and network administrators choose to set up a firewall that allows them to control incoming and outgoing connections. In this article, we will look at configuring the UFW firewall in Ubuntu 20.04.

    UFW (Uncomplicated Firewall) is a firewall configuration tool designed to simplify the process of configuring and managing firewall rules. UFW uses iptables for network security and traffic management. It allows you to set rules to control access to specific ports and IP addresses.

    UFW installation

    Before you can start using UFW, you need to make sure it is installed on your Ubuntu server. To do this, run the following command:

    sudo apt-get update
    sudo apt-get install ufw

     

    After installing UFW, you need to configure the rules that will control access to the network.

    Setting up rules

    By default, all incoming connections are blocked and only outgoing connections are allowed. If you want the server to be able to accept connections on a specific port, you must add a rule that allows incoming connections to that port.

    For example, to allow incoming connections on port 22 for the SSH protocol, run the following command:

    sudo ufw allow ssh
    

     

    If you are using a different port for the SSH protocol, you must specify it in the command:

    sudo ufw allow <номер порта>/tcp
    

     

    You can also allow incoming connections for other protocols such as HTTP and HTTPS by running the following commands:

    sudo ufw allow http
    sudo ufw allow https

     

    If you want to allow access to a specific IP address, run the following command:

    sudo ufw allow from <ip-адрес>
    

     

    To deny access to a port, run the following command:

    sudo ufw deny <номер порта>/tcp
    

     

    To remove a rule, run the following command:

    sudo ufw status numbered
    

     

    sudo ufw delete <number rule>
    

    Result:

    Enable and disable

    After you have configured the firewall rules, you can enable UFW. To do this, run the following command:

    sudo ufw enable
    

    When enabled, UFW will be launched automatically when the system boots.

    To check the status of UFW, run the following command:

    sudo ufw status
    

     

    The output will indicate the current state of UFW and a list of rules.

    To disable UFW, run the following command:

    sudo ufw disable
    

    However, it is not recommended to disable the firewall unnecessarily, as this can lead to vulnerabilities and security risks.

    UFW settings management

    UFW has several settings that can be changed by default. For example, you can enable or disable port forwarding, allow access to a specific port only for a specific IP address, and other settings.

    To change UFW settings, edit the /etc/ufw/ufw.conf file using a text editor:

    sudo nano /etc/ufw/ufw.conf
    

    In the file, you can change the settings, such as:

    - DEFAULT_INPUT_POLICY - incoming connection policy. Can be "DROP" (block all incoming connections by default) or "ACCEPT" (allow all incoming connections by default).
    - DEFAULT_FORWARD_POLICY - forward policy. Can be "DROP" (block all redirects by default) or "ACCEPT" (allow all redirects by default).
    - DEFAULT_OUTPUT_POLICY - outgoing connection policy. Can be "DROP" (block all outgoing connections by default) or "ACCEPT" (allow all outgoing connections by default).
    - IPV6 - enable or disable IPv6.
    - LOGLEVEL - UFW logging level.

    After changing the settings, you must restart UFW by running the following command:

    sudo ufw reload
    

    Conclusion

    Setting up a UFW firewall is an important step in securing your network and server. UFW allows you to control access to certain ports and IP addresses, block malware and other threats.

    There are a few important things to keep in mind when configuring UFW. First of all, you need to define rules for all services and applications that should have access to the network. You should also make sure that security rules are not violated, including blocking access to sensitive data and disabling unnecessary services and ports.

    In this article, we covered the basics of configuring the UFW firewall in Ubuntu 20.04, including installation, configuring rules, enabling and disabling, and managing settings. We hope this information will help you secure your network and server.