UFW (Uncomplicated Firewall) is the default firewall management tool on Ubuntu. It wraps iptables with a simplified interface. This guide shows you how to set up and manage UFW on Ubuntu 24.04 LTS.
Tested and valid on:
- Ubuntu 24.04 LTS
Prerequisites
- Ubuntu 24.04 LTS server
- A user with sudo privileges
- SSH access to the server
Step 1 – Check UFW Status
UFW is installed by default. Check its current state:
sudo ufw status verbose Step 2 – Allow SSH Before Enabling
Always allow SSH first to avoid locking yourself out:
sudo ufw allow OpenSSH Or specify a non-default port:
sudo ufw allow 2222/tcp Step 3 – Enable UFW
Activate the firewall:
sudo ufw enable Confirm it is active:
sudo ufw status Step 4 – Allow Common Services
Permit HTTP and HTTPS:
sudo ufw allow 'Nginx Full' Or by port number:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp Step 5 – Allow a Specific IP Address
Grant a trusted IP full access:
sudo ufw allow from 203.0.113.10 Restrict to a specific port:
sudo ufw allow from 203.0.113.10 to any port 5432 Step 6 – Deny a Port
Block a specific port:
sudo ufw deny 8080/tcp Step 7 – Delete a Rule
List rules with numbers, then delete by number:
sudo ufw status numbered
sudo ufw delete 3 Step 8 – View and Reset
Show verbose rule list:
sudo ufw status verbose Reset all rules (use with care):
sudo ufw reset Conclusion
Your Ubuntu 24.04 LTS server is now protected by UFW. As you install new services, remember to open only the ports they need and deny everything else by default.
