UFW (Uncomplicated Firewall) is the default firewall management tool on Ubuntu. It wraps iptables with a simplified interface, making it easy to allow or deny traffic by port, service name, or IP range. This guide shows you how to set up and manage UFW on Ubuntu 26.04 LTS.
Tested and valid on:
- Ubuntu 26.04 LTS
Prerequisites
- Ubuntu 26.04 LTS server
- A user with sudo privileges
- SSH access to the server
Step 1 – Check UFW Status
UFW is installed by default. Check its current state:
sudo ufw status verboseStep 2 – Allow SSH Before Enabling
Always allow SSH first to avoid locking yourself out:
sudo ufw allow OpenSSHOr specify the port number if SSH runs on a non-default port:
sudo ufw allow 2222/tcpStep 3 – Enable UFW
Activate the firewall:
sudo ufw enableConfirm it is active:
sudo ufw statusStep 4 – Allow Common Services
Permit HTTP and HTTPS traffic for a web server:
sudo ufw allow 'Nginx Full'Or by port numbers:
sudo ufw allow 80/tcp
sudo ufw allow 443/tcpStep 5 – Allow a Specific IP Address
Grant a trusted IP full access:
sudo ufw allow from 203.0.113.10Restrict to a specific port:
sudo ufw allow from 203.0.113.10 to any port 5432Step 6 – Deny a Port
Block a specific port:
sudo ufw deny 8080/tcpStep 7 – Delete a Rule
List rules with numbers, then delete by number:
sudo ufw status numbered
sudo ufw delete 3Step 8 – View and Reset
Show verbose rule list:
sudo ufw status verboseReset all rules (use with care):
sudo ufw resetConclusion
Your Ubuntu 26.04 LTS server is now protected by UFW. As you install new services, remember to open only the ports they need and deny everything else by default.
