How to Set Up and Configure UFW on a VPS

What is a Firewall?

A firewall is computer hardware or software that controls inbound and outbound traffic of a machine.

What is UFW?

UFW (Uncomplicated Firewall) is a front-end for iptables. By default, UFW denies all incoming connections and allows all outgoing connections.

  • Install UFW

    apt install ufw
  • Check UFW Status

    • To Check Normal Mode

      ufw status
    • To Check in More Detail

      ufw status verbose
    • To Check with Rule Numbers

      ufw status numbered
  • Enable UFW

    ufw enable
    • Note: ufw warns that the command may disrupt existing ssh connections and asks whether to proceed with the operation. We need to allow the ssh service so that remote access keeps working:

      ufw allow ssh
  • Disable UFW

    ufw disable
  • Configure to support IPv6

    • Open Config File

      nano /etc/default/ufw
    • then Change: IPV6=yes

  • To Restart the Firewall, Disable It and Then Enable It

    ufw disable;
    ufw enable
  • To Check Open Ports (shows only ports on which a service is currently running)

    netstat -tulpn
  • To Open Port

    • Syntax -

      ufw allow <port/protocol>
    • Example -

      ufw allow 21/tcp
  • To Close Port

    • Syntax -

      ufw deny <port/protocol>
    • Example -

      ufw deny 21/tcp
  • To Open a Range of Ports

    • Syntax -

      ufw allow <starting_port>:<ending_port>/<protocol>
    • Example -

      ufw allow 300:310/tcp
  • To Close a Range of Ports

    • Syntax -

      ufw deny <starting_port>:<ending_port>/<protocol>
    • Example -

      ufw deny 300:310/tcp
  • To Allow Service

    • Syntax -

      ufw allow <service_name>
    • Example -

      ufw allow http
  • To Deny Service

    • Syntax -

      ufw deny <service_name>
    • Example -

      ufw deny http
  • To Allow Access from an IP Address

    • Syntax -

      ufw allow from <IPAddress>
    • Example -

      ufw allow from 192.168.1.4
  • To Deny Access from an IP Address

    • Syntax -

      ufw deny from <IPAddress>
    • Example -

      ufw deny from 192.168.1.4
  • To Allow an IP Address to Connect Only to a Specific Port

    • Syntax -

      ufw allow from <IPAddress> to any port <port>
    • Example -

      ufw allow from 192.168.1.4 to any port 45
  • To Delete a Specific Rule

    1. Check Status with Number

      ufw status numbered
    2. Delete with Number

      • Syntax -

        ufw delete <number>
      • Example -

        ufw delete 3
  • To Reset to Default Setting

    ufw reset
  • Some Useful Connections You May Want to Allow

    1. To Allow SSH Connection

      ufw allow ssh

      Or

      ufw allow 22/tcp
    2. To Allow Web Server Traffic (HTTP, port 80)

      ufw allow 80/tcp
    3. To Allow FTP Connection

      ufw allow ftp

      Or

      ufw allow 21/tcp
      ufw allow 20/tcp
    4. To Allow Web Server Profile(http)

      ufw allow www
    5. To Allow https

      ufw allow https
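
The commands above combined into one script that allows SSH before the firewall is enabled and then verifies the result. This is an added example, not part of the original guide. The `UFW` and `SSH_PORT` variables and the function names are assumptions of this example, and the sample status output is constructed.

```shell
#!/bin/sh
# Added example, not from the original guide.
# UFW defaults to a dry run that only prints each command; run as root with
# UFW=ufw to apply. UFW, SSH_PORT and the function names are assumptions.
UFW="${UFW:-echo ufw}"
SSH_PORT="${SSH_PORT:-22}"

# Build the rule set in a lockout-safe order: SSH is allowed before the
# firewall is switched on. --force skips the interactive (y|n) prompt.
ufw_baseline() {
    $UFW default deny incoming &&
    $UFW default allow outgoing &&
    $UFW allow "${SSH_PORT}/tcp" &&
    $UFW allow 80/tcp &&
    $UFW allow https &&
    $UFW --force enable
}

# Read `ufw status verbose` output on stdin. Succeed only if the firewall is
# active, incoming traffic defaults to deny, and the SSH port has an ALLOW rule.
# On a live host: ufw status verbose | ufw_check
ufw_check() {
    awk -v port="$SSH_PORT" '
        /^Status: active/                                  { active = 1 }
        /^Default: deny \(incoming\)/                      { deny = 1 }
        ($1 == port "/tcp" || $1 == port) && $2 == "ALLOW" { ssh = 1 }
        END { exit !(active && deny && ssh) }
    '
}

# Constructed sample of `ufw status verbose` output, for checking offline.
sample_status() {
    cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
EOF
}

ufw_baseline    # in dry-run mode this only prints the planned commands
sample_status | ufw_check && echo "sample status: active, default deny, SSH allowed"
```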

Reference Doc Links