If you’re looking for a way to protect your Ubuntu or Debian server, UFW (Uncomplicated Firewall) is an excellent choice. UFW is a tool that makes setting up a firewall simple and effective, ideal for both novice users and those looking for a quick solution for managing their firewall rules. In this article, we’ll explain how to use UFW on Ubuntu and Debian systems, from installation to creating custom rules.
What is the UFW?
UFW, or “Uncomplicated Firewall”, was created to make it easier to administer firewall rules on Linux, especially for those who are unfamiliar with iptables, the default firewall tool on the system. UFW provides a simple interface for creating rules to allow or block traffic on a network, making the process more intuitive and less prone to errors.
Prerequisites
Before we begin, you need to ensure that you are using a server or machine running Ubuntu or Debian. In addition, you must have administrative privileges (root or sudo access) to carry out the configuration.
Step 1: Installing UFW
In many cases, UFW is already installed by default in Ubuntu. However, if for some reason it isn’t there, or if you’re using Debian, the first step is to install it.
Open the terminal and run the following command to install UFW:
sudo apt update
sudo apt install ufwStep 2: Checking the UFW Status
After installation, you can check that UFW is active and configured with the following command:
sudo ufw statusIf UFW is not active, the output will be something like:
Status: inactiveStep 3: Enabling UFW
To activate UFW, run the command:
sudo ufw enableAfter enabling UFW, all incoming traffic will be blocked by default, except for traffic that corresponds to specific rules you add. This default setting protects the server from unwanted access.
Step 4: Allowing SSH connections
It is important to ensure that you have remote access to your server, especially if you are using SSH to connect. To allow SSH connections, use the following command:
sudo ufw allow sshThis command ensures that the firewall allows traffic on port 22, which is the default port for SSH. If you are using a custom SSH port (for example, port 2222), you can specify it in the command:
sudo ufw allow 2222/tcpStep 5: Creating Custom Rules
Now that UFW is enabled and SSH is allowed, let’s create some additional rules. Let’s assume you have a web server running and need to allow HTTP (port 80) and HTTPS (port 443) traffic.
To allow HTTP traffic:
sudo ufw allow httpAlternatively, you can use the port number:
sudo ufw allow 80/tcpTo release HTTPS traffic:
sudo ufw allow httpsOr:
sudo ufw allow 443/tcpStep 6: Blocking connections
As well as allowing connections, you can also block unwanted traffic. For example, to block all connections from a specific IP (say, 192.168.1.100), use the command:
sudo ufw deny from 192.168.1.100This can be useful for blocking suspicious access or access from malicious sources.
Step 7: Allowing Access from Specific Subnets
You can also allow or deny traffic to an entire block of IPs. If you only want to allow access from a specific subnet, such as 192.168.1.0/24, you can do it like this:
sudo ufw allow from 192.168.1.0/24This rule will allow all devices within this subnet to access the server.
Step 8: Priority Rules (Order of Rules)
The rules in UFW are processed in the order in which they are created. You can list the rules with:
sudo ufw status numberedIf you want to remove a specific rule, use its number:
sudo ufw delete <número-da-regra>Step 9: Disabling UFW
If for some reason you want to disable UFW, the command is simple:
sudo ufw disableThis temporarily deactivates the firewall, but keeps the rules configured for when the UFW is reactivated.
Step 10: Resetting Settings
If you need to remove all the rules and start from scratch, you can reset UFW with the following command:
sudo ufw resetThis deactivates UFW and removes all the custom rules that have been created.
Conclusion
UFW is a simple and powerful tool for setting up a firewall on Ubuntu and Debian. It facilitates the administration of security rules, allowing you to easily control incoming and outgoing traffic on your server. By following this guide, you can configure and manage your firewall effectively, ensuring more security for your services.
Remember to always test your firewall settings and monitor access logs, ensuring that your network is properly protected and working as expected.
If you have more questions or need assistance, feel free to share your doubts in the comments!
