Firewalls in Ubuntu 24.04 Server — Configuring UFW (Uncomplicated Firewall)

1. Installing UFW

If UFW is not already installed, run:

sudo apt update && sudo apt install ufw -y

Checking UFW Status

Before configuring, check whether UFW is active:

sudo ufw status

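If UFW is disabled, enable it. On a remote server, add the SSH rule from section 2 first, because enabling the firewall can disrupt your existing SSH connection: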

sudo ufw enable

2. Basic Configuration

  • Allow SSH (so you don’t lose access):

    sudo ufw allow ssh
    

    Or by specifying the port:

    sudo ufw allow 22/tcp
    

3. Common Rules

  • Allow HTTP/HTTPS:

    sudo ufw allow 80/tcp
    sudo ufw allow 443/tcp
    
  • Deny all incoming connections by default:

    sudo ufw default deny incoming
    
  • Allow all outgoing connections:

    sudo ufw default allow outgoing
    

Restricting SSH Access by IP Address

If you want SSH access only from your public IP, first check it:

curl -s icanhazip.com

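Then use one of the rules below, replacing YOUR_IP and PORT. The restriction only takes effect once the general SSH rule from section 2 is deleted (see Managing Rules), because that rule still admits every address.

Allow a port only for a specific IP: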

sudo ufw allow from YOUR_IP to any port PORT comment "allow from home"

Allow a port for a specific IP for Docker containers (a route rule, which applies to forwarded traffic):

sudo ufw route allow from YOUR_IP to any port PORT comment "allow from home docker"

Allowing HTTP and HTTPS

sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

Allowing Other Ports

Example for port 8080:

sudo ufw allow 8080/tcp

  • Deny a port:

    sudo ufw deny 3306/tcp  # MySQL
    
  • Delete a rule:

    sudo ufw delete allow 80/tcp
    

Blocking All Incoming Traffic Except Allowed

sudo ufw default deny incoming
sudo ufw default allow outgoing

Managing Rules

  • Delete an SSH rule:

    sudo ufw delete allow 22/tcp
    
  • View rules with numbers:

    sudo ufw status numbered
    
  • Delete by number:

    sudo ufw delete 1
    

4. Checking Status

sudo ufw status verbose

Full Reset of UFW Rules

sudo ufw reset

Disabling UFW

sudo ufw disable

Logging UFW Events

Enable logging:

sudo ufw logging on

View logs:

sudo cat /var/log/ufw.log
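
The raw log is hard to read at a glance. As an added example (not part of the original guide), the following function counts [UFW BLOCK] entries per source address and destination port; the function names and the sample log lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: summarise blocked packets from UFW's log by source and port.

# Constructed sample entries in the key=value kernel-log format written to
# /var/log/ufw.log; addresses are documentation ranges, not real traffic.
sample_log() {
  cat <<'EOF'
2024-05-01T10:00:01+00:00 srv kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:11 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 ID=1 DF PROTO=TCP SPT=40001 DPT=3306 WINDOW=64240 SYN URGP=0
2024-05-01T10:00:02+00:00 srv kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:11 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 ID=2 DF PROTO=TCP SPT=40002 DPT=3306 WINDOW=64240 SYN URGP=0
2024-05-01T10:00:03+00:00 srv kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:11 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 ID=3 DF PROTO=TCP SPT=40003 DPT=3306 WINDOW=64240 SYN URGP=0
2024-05-01T10:00:04+00:00 srv kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:11 SRC=203.0.113.7 DST=198.51.100.10 LEN=60 TTL=52 ID=4 DF PROTO=TCP SPT=40004 DPT=22 WINDOW=64240 SYN URGP=0
2024-05-01T10:00:05+00:00 srv kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:11 SRC=198.51.100.23 DST=198.51.100.10 LEN=84 TTL=50 ID=5 PROTO=ICMP TYPE=8 CODE=0 ID=9 SEQ=1
2024-05-01T10:00:06+00:00 srv kernel: [UFW ALLOW] IN=eth0 OUT= MAC=00:11 SRC=192.0.2.50 DST=198.51.100.10 LEN=60 TTL=52 ID=6 DF PROTO=TCP SPT=40006 DPT=443 WINDOW=64240 SYN URGP=0
EOF
}

# ufw_block_summary [FILE...]
# Reads the given log files (or stdin) and prints "COUNT SRC PROTO/DPORT",
# highest count first. Only [UFW BLOCK] lines are counted.
ufw_block_summary() {
  awk '
    /\[UFW BLOCK\]/ {
      src = ""; proto = ""; dpt = ""
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^SRC=/)   src   = substr($i, 5)
        if ($i ~ /^PROTO=/) proto = substr($i, 7)
        if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
      }
      if (src == "") next          # skip malformed entries
      if (dpt == "") dpt = "-"     # ICMP and similar carry no port
      count[src " " proto "/" dpt]++
    }
    END { for (k in count) print count[k], k }
  ' "$@" | LC_ALL=C sort -k1,1nr -k2,2
}

# Stand-alone run on the constructed sample.
sample_log | ufw_block_summary
```

On a real server, feed it the log instead of the sample: sudo cat /var/log/ufw.log | ufw_block_summary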

Optimization and Using Application Profiles

Some applications have predefined profiles with required ports.
View available profiles:

sudo ufw app list

Allow traffic for an application (e.g., Samba):

sudo ufw allow Samba

Limit application access to a specific network:

sudo ufw allow from 192.168.0.0/24 to any app Samba

Important: After making changes, check that your services are still accessible!


Conclusion

UFW is a user-friendly firewall management tool for Linux.
Regularly check settings with:

sudo ufw status verbose

Configure rules according to your security needs, restrict access by IP, and use application profiles for convenience.
🔹 UFW is a simple and effective way to protect your server — customize it for your needs and review rules regularly.
