Security is something not to be taken lightly, in the age when cybercrime is frequently seen in the headlines of IT-related articles. Therefore, it is always advisable to take steps to add an additional level of security to your server.
By protecting our server (or the one you use), we are protecting our data. An efficient way to do this is to set up a Firewall on Ubuntu 18.04. This way we can monitor the incoming and outgoing connections made to our server. In this we will teach you how to configure a firewall in Ubuntu 18.04 with UFW.
Using the Ubuntu firewall to protect your server
A firewall is hardware or software that controls incoming and outgoing traffic on a machine. In other words, it’s a pretty important element of computer security. If we have a computer that connects to the Internet, it’s a good idea to set up a firewall.
Even though Linux has excellent security features pre-installed, it is good to be cautious and take extra measures.
In this sense, Ubuntu comes with an application that facilitates the configuration of a Firewall. It is UFW (Uncomplicated Firewall or Firewall without complications) that is presented as a front-end of Iptables. UFW is commonly installed by default on Ubuntu 18.04. But most likely it is disabled. UFW has a graphical interface called GUFW that you can install if you have a desktop environment.
Configure firewall on Ubuntu 18.04 with UFW
As we said before, UFW comes pre-installed in Ubuntu 18.04, it just isn’t enabled. So the first thing you need to do is enable UFW.
To do so, we first need to connect to the server using SSH, or if you’re running Ubuntu 18.04 locally, just open the terminal. If you’re having trouble logging into your server, take a look at this .
ssh your-user@your-server
Once you have access to the server, enable UFW with the following command:
sudo ufw enable
If this results in the command not found error, install UFW with the following command.
sudo apt-get install ufw
Next, we have to check the status of UFW.
sudo ufw status
As we can see, now UFW is enabled.
By default, UFW prevents all incoming connections and allows all outgoing connections. For many users, this configuration is enough, but if we have network services or applications, we have to define some rules.
Configuring firewall rules on Ubuntu 18.04 with UFW
A firewall rule is an instruction that defines how a firewall works. Rules define which connections are accepted or denied.
Next, we will configure some Firewall rules using UFW:
Open and close ports with UFW
Ports are connection interfaces used by applications to establish a connection to a server.
With UFW it’s pretty easy to open or close them as you see fit. To open a port, we must execute this command:
sudo ufw allow
In the case of protocols, they can be TCP or UDP. This will depend on our needs. For example:
sudo ufw allow 56/tcp
This means that any applications or services that try to connect to our server using port 56 will be allowed.
However, we can block the use of that port with the following command:
sudo ufw deny 56/tcp
Now all applications that use TCP and try to connect to the server using port 56 will not be able to do so.
We can also open or deny a range of ports with a single command. This is great for saving time. The basic syntax looks like this:
sudo ufw allow/deny /protocol
To open the ports, the command would look like this:
sudo ufw allow 300:310/tcp
Or, to block them:
sudo ufw deny 300:310/tcp
Working with services in Ubuntu Firewall
There are some network services that UFW can apply. The way to manage them is to know the port they use to make connections to the server.
For example, HTTP requires port 80 to be available, and for HTTPS port 443 is available.
So, we need to run this command for HTTP:
sudo ufw allow http
Running this command is equivalent to enabling port 80 with the method explained above.
Therefore, we only need to know the ports used by the network services.
Deny or allow connections from IP addresses
It is also possible to deny access to a specific IP address.
To do this, we have to run the following command:
sudo ufw deny from IPADRESS
For example:
sudo ufw deny from 192.168.1.2
Or, on the contrary, if we want to allow access to that IP address.
sudo ufw allow from 192.168.1.3
Another thing we can do is specify if we want an IP address to be able to connect only to a specific port.
sudo ufw allow from to any port
In a real world scenario, the command would look like this:
sudo ufw allow from 192.168.1.4 to any port 44
With this, the IP address can only establish a connection if it uses port 44.
Delete a specific rule in Ubuntu Firewall
We can remove a specific rule from our UFW with a single command line input! But first, we have to list them all. To do so, we run this command:
sudo ufw status numbered
After that, we remove the rule we want. For example, we will eliminate rule number four.
sudo ufw delete 4
That’s all the basic features you should be aware of! You are now ready to configure your server security as you see fit. For more information, see the UFW handbook. You can access it with the following command:
sudo ufw –help
conclusion
The process of configuring a Firewall in Ubuntu 18.04 is easy thanks to UFW. However, the application has many more options to extend the protection of our server. Here you learned all the basics that should not be skipped. We hope this tutorial has been useful to you! Stay safe.
Gustavo is passionate about creating websites. He focuses on the application of SEO strategies at for Spain and Latin America, as well as the creation of high-level content. When he is not applying new WordPress tricks you can find him playing the guitar, traveling or taking an online course.
Facebook Comments
Disqus