Uncomplicated Firewall (UFW)

Posted under » Ubuntu » LAMP Security on 08 December 2022

If you are running on AWS EC2, you do not need UFW because you will be using the VPC to limit outgoing and incoming traffic. Only use it if there is no firewall or router in front of your server. You may choose to use iptables instead.

By default, it is not active and all traffic is allowed. Enable it by

$ sudo ufw enable
$ sudo ufw status

To disable or reset

$ sudo ufw disable
$ sudo ufw reset

First, we set up the defaults:

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing

UFW works like the Windows firewall. You are concerned with services, ports and IPs.

$ sudo ufw allow ssh
$ sudo ufw allow 22
$ sudo ufw deny http
$ sudo ufw allow 6000:6007/tcp   # port range
$ sudo ufw allow from 203.0.113.4 to any port 22
$ sudo ufw allow from 203.0.113.0/24 to any port 22

Firewall rules can be deleted by number or by rule:

$ sudo ufw status numbered
Status: active

     To        Action      From
     --        ------      ----
[ 1] 22        ALLOW IN    15.15.15.0/24
[ 2] 80        ALLOW IN    Anywhere

$ sudo ufw delete 2
$ sudo ufw delete allow http

A firewall is like a padlock. If you are not careful, you may lock yourself out of your own house (server).
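
One way to avoid that lockout when deleting by number, as an added example that is not part of the original post: a check that reads "ufw status numbered" output and refuses if the rule to be deleted is the only one admitting SSH. It assumes the "deny incoming" default set above and SSH on port 22; the function names ssh_rules and safe_to_delete are hypothetical, and the check looks only at whether a rule exists, not at whether its From address matches where you connect from.

```shell
#!/bin/sh
# Added example (not from the original post). Constructed sample in the
# format printed by "ufw status numbered"; addresses reuse the post's own.
SAMPLE_STATUS='Status: active

     To        Action      From
     --        ------      ----
[ 1] 22        ALLOW IN    15.15.15.0/24
[ 2] 80        ALLOW IN    Anywhere
[ 3] 22/tcp    ALLOW IN    203.0.113.4'

# ssh_rules [PORT]: read "ufw status numbered" text on stdin and print the
# numbers of rules that let inbound traffic reach SSH (PORT defaults to 22).
ssh_rules() {
    awk -v port="${1:-22}" '
        /^\[ *[0-9]+\]/ {
            num = $0; sub(/^\[ */, "", num); sub(/\].*/, "", num)
            rest = $0; sub(/^\[ *[0-9]+\] */, "", rest)
            # ALLOW and LIMIT both admit connections; DENY/REJECT do not.
            if (!match(rest, / +(ALLOW|LIMIT) IN +/)) next
            to = substr(rest, 1, RSTART - 1)
            sub(/ \(v6\)$/, "", to)        # IPv6 twin of a rule
            sub(/\/(tcp|udp)$/, "", to)    # "22/tcp" -> "22"
            if (to == port || to == "OpenSSH") print num
        }'
}

# safe_to_delete N [PORT]: fail if rule N is the only rule admitting SSH.
safe_to_delete() {
    rules=$(ssh_rules "${2:-22}")
    # Rule N does not concern SSH: deleting it cannot cut SSH off.
    printf '%s\n' "$rules" | grep -qx "$1" || return 0
    # Rule N admits SSH: at least one other such rule must remain.
    [ "$(printf '%s\n' "$rules" | grep -cvx "$1")" -gt 0 ]
}

# Real use: sudo ufw status numbered | safe_to_delete 2 && sudo ufw delete 2
for n in 1 2 3; do
    if printf '%s\n' "$SAMPLE_STATUS" | safe_to_delete "$n"; then
        echo "rule $n: safe to delete"
    else
        echo "rule $n: would remove the last SSH rule"
    fi
done
```

Rule numbers shift after every deletion, so run "ufw status numbered" again before each further "ufw delete N".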
