Hello everyone, maybe you already know that every time you install Ubuntu 20.04 it is included with an application firewall called UFW (uncomplicated firewall) which by default it has been disabled. Well, in this article, we can use UFW to protect our PC / Server and only open certain important ports such as port 80 (webserver), 443 (SSL webserver) and 22 (for remote SSH). Okay, let’s get started, but before you do. you can first check your UFW status whether it is active or not with the command below:
ufw status
or
ufw status verbose
next to enable ufw, enter this command below
ufw enable
1. Web Server
To open port 80 (HTTP)
ufw allow http
or
ufw allow 80
To open port 443 (HTTPS)
ufw allow https
or
ufw allow 443
(Optional) You can also set the webserver to only be accessible by certain IPs or also only open certain ports such as TCP / UDP. For example, you can see below
only open port 80 with the TCP protocol only
ufw allow 80/tcp
only open port 80 on certain IPs (e.g. 192.168.77.22)
ufw allow from 192.168.77.22 to any port 80
2. SSH
To open port 22 (SSH)
ufw allow ssh
or
ufw allow 22
(Optional) You can also set SSH to only be accessible by certain IPs as well as above (usually I set according to the local IP connected to the network, so that it cannot be accessed on the internet)
only open port 22 on certain IPs (for example 192.168.77.22)
ufw allow from 192.168.77.22 to any port 22
3. Other Custom Ports
- FTP: 21
- Telnet: 23
- Winbox: 8291 (mikrotik)
(TIPS) And then the last one, for example, you made a mistake and want to delete the firewall settings that you have made, you can use the command below.
command to see all the rules
ufw status numbered
then there will be a number on the left, and you can delete the rule according to the number listed. for example you want to delete rule number 2 you can use the command
ufw delete 2