A firewall helps protect your VPS by controlling which incoming and outgoing connections are allowed. UFW(Uncomplicated Firewall) is a simple yet powerful tool available on Debian-based systems like Ubuntu.
This guide shows you how to install, configure, and manage a firewall using UFW.
Step 1: Install UFW (if not already installed)
First, connect to your server via SSH:
ssh root@your_server_ipThen install UFW:
apt install ufw
Step 2: Check UFW Status
To see if UFW is active:
ufw statusIf it’s inactive, you’ll see:
Status: inactive
Step 3: Allow SSH Access First
Before enabling the firewall, make sure SSH access is allowed, or you may lock yourself out.
ufw allow sshOr explicitly allow port 22 (default SSH port):
ufw allow 22If you’re using a different SSH port (e.g., 2222):
ufw allow 2222
Step 4: Allow Other Common Services (Optional)
• HTTP (Web Server):
ufw allow http
• HTTPS (Secure Web Server):
ufw allow https
• FTP:
ufw allow ftp
You can also allow specific ports like:
ufw allow 80 # HTTP
ufw allow 443 # HTTPS
Step 5: Enable UFW
After setting your rules, activate UFW:
ufw enableConfirm with y when prompted.
Step 6: Check Rules
To list the currently active rules:
ufw statusTo get more detailed output:
ufw status verbose
Step 7: Managing UFW Rules
• Deny a port:
ufw deny 23
• Delete a rule:
ufw delete allow 80
• Disable UFW:
ufw disable
• Reset UFW (clears all rules):
ufw reset
Step 8: Allow Specific IP Address
To allow only a specific IP to access a port:
ufw allow from 203.0.113.10 to any port 22
Conclusion
Setting up a firewall using UFW is a quick and effective way to enhance your VPS security. Always ensure SSH access is allowed before enabling the firewall to avoid being locked out.
If you need help with firewall configuration or recovery access, contact Hosteons Support.
