How to Set Up UFW Firewall on Ubuntu 24.04 LTS

Ubuntu 24.04 LTS comes with the UFW firewall, which protects the server against unauthorized access. This quick guide gives developers and sysadmins step-by-step instructions for setting up UFW on Ubuntu 24.04 LTS and securing their servers efficiently.

Setup UFW Firewall

First, check the UFW status

sudo ufw status

By default, the firewall is not enabled:

Status: inactive

Block all incoming connections to the Ubuntu 24.04 LTS server and allow only outgoing connections from it

sudo ufw default allow outgoing
sudo ufw default deny incoming

Make sure IPv6 support is enabled too

grep IPV6 /etc/default/ufw

Edit the /etc/default/ufw file using a text editor

sudo nano /etc/default/ufw

Make sure the file contains this line:

IPV6=yes

Verify everything again

sudo grep -E 'POLICY|IPV6' /etc/default/ufw

Open the SSH TCP port

sudo ufw allow ssh

You can also rate-limit connections to the SSH port

sudo ufw limit ssh

Turning on UFW Firewall

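Turn on firewall protection for your Ubuntu 24.04 LTS server. If you are connected over SSH, add the SSH rule above first, since enabling the firewall may disrupt existing SSH connections.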

sudo ufw enable

View the current firewall status

sudo ufw status
sudo systemctl status ufw.service
root@oydir:~# sudo systemctl status ufw.service
● ufw.service - Uncomplicated firewall
     Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
     Active: active (exited) since Mon 2024-10-07 21:12:55 +07; 13min ago
       Docs: man:ufw(8)
    Process: 131 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=0/SUCCESS)
   Main PID: 131 (code=exited, status=0/SUCCESS)

Oct 07 21:12:55 oydir systemd[1]: Starting Uncomplicated firewall...
Oct 07 21:12:55 oydir systemd[1]: Finished Uncomplicated firewall.
root@oydir:~#

Allow TCP or UDP Ports

You may need to open TCP ports 80 and 443 for web servers

sudo ufw allow 80/tcp comment 'Allow HTTP'
sudo ufw allow 443/tcp comment 'Allow HTTPS'

Here is how to open the OpenVPN UDP port 1194

sudo ufw allow 1194/udp comment 'Allow OpenVPN'

Opening TCP and UDP Port Ranges

sudo ufw allow 3000:3200/tcp
sudo ufw allow 7000:8000/udp

Blocking TCP or UDP Ports

sudo ufw deny 23/tcp comment 'Block telnet'

Here is how to deny all connections from the IP address 1.1.1.1

sudo ufw deny from 1.1.1.1

Viewing UFW Firewall rules

sudo ufw status numbered

Deleting UFW Firewall rules

sudo ufw delete 22   # 22 is the rule number shown by 'ufw status numbered', not a port number
sudo ufw status numbered

Stopping and Removing UFW

If you no longer need UFW, here is how to disable it and reset its rules

sudo ufw disable
sudo ufw reset

View the UFW Firewall Logs

sudo journalctl -u ufw.service

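List all IPv4 addresses that tried to connect to the SSH port but were dropped by UFW

# UFW block messages are written by the kernel, so read the kernel log (-k).
# The trailing space after 22 keeps ports such as 2222 from matching.
sudo journalctl -k -g 'UFW BLOCK.*DPT=22 ' |\
grep -E -o 'SRC=([0-9]{1,3}[\.]){3}[0-9]{1,3}' |\
awk -F'=' '{ print $2 }' | sort -u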
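
The following is an added example, not part of the original tutorial. It extends the one-liner above by counting blocked attempts per source for one exact destination port, and it picks up IPv6 sources as well as IPv4. The function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: count sources that UFW blocked on one exact destination port.
# Input: kernel log lines on stdin. Output: "<count> <source>", busiest first.
# On a live host (assumption: UFW logging is on):
#   sudo journalctl -k -g 'UFW BLOCK' | ufw_blocked_sources 22

ufw_blocked_sources() {
    awk -v port="${1:-22}" '
        /\[UFW BLOCK\]/ {
            src = ""; dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/)      src = substr($i, 5)   # IPv4 or IPv6
                else if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            # Compare the whole field, so DPT=2222 never matches port 22.
            if (src != "" && dpt == port) hits[src]++
        }
        END { for (s in hits) print hits[s], s }
    ' | sort -k1,1nr -k2,2
}

# Constructed sample log lines (documentation address ranges, trimmed fields).
sample_log() {
    cat <<'EOF'
Oct 07 21:30:01 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.10 DST=192.0.2.5 PROTO=TCP SPT=40112 DPT=22 SYN URGP=0
Oct 07 21:30:04 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.10 DST=192.0.2.5 PROTO=TCP SPT=40113 DPT=22 SYN URGP=0
Oct 07 21:31:10 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 PROTO=TCP SPT=51000 DPT=2222 SYN URGP=0
Oct 07 21:32:45 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=2001:0db8:0000:0000:0000:0000:0000:0015 DST=2001:0db8:0000:0000:0000:0000:0000:0001 PROTO=TCP SPT=33000 DPT=22 SYN URGP=0
Oct 07 21:33:02 host kernel: [UFW ALLOW] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 PROTO=TCP SPT=51001 DPT=22 SYN URGP=0
Oct 07 21:34:19 host kernel: [UFW BLOCK] IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.5 PROTO=TCP SPT=51002 DPT=23 SYN URGP=0
EOF
}

# Stand-alone run over the constructed sample.
sample_log | ufw_blocked_sources 22
```

Allowed connections and blocks on other ports are ignored, so the count reflects only attempts that UFW dropped on the port you pass in.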
