Add Firewall to Linux Server with UFW30 January 2017
So, you have your own server? Setting up a firewall on your server is very important once it is up and running. Thanks to
ufw, doing this is fairly easy! Don’t even think about making your server public without a firewall! Check out my previous post on securing your server to add more protection.
Install UFW - The Uncomplicated Firewall
sudo apt-get update
sudo apt-get install ufw
These are the default settings out of the box, but let’s just make extra sure that they really are.
sudo ufw default deny incoming
sudo ufw default allow outgoing
Let’s Enable Some Ports by Service
If you don’t need some of these services, you don’t have to run them.
sudo ufw allow OpenSSH sudo ufw allow http sudo ufw allow https sudo ufw allow ssh
Wondering what other services your server is running? Run
less /etc/services to check.
Let’s Enable Some Ports Manually
You typically don’t need to define ports if you have specific services running like how we did in the previous section, but here are some examples.
# using mail? allow these ports sudo ufw allow 25 #smtp sudo ufw allow 143 #imap sudo ufw allow 993 #imaps sudo ufw allow 110 #incoming pop3 sudo ufw allow 995 #incoming pop3s
sudo ufw enable