Security is something that should not be taken lightly, in the age when cyber-crimes are on the headlines of every other IT related article. Therefore, it is always advisable to take security measures to add an additional level of security to your server.
By protecting our server, we also protect our data. An efficient way to do this is to configure a Firewall in Ubuntu 18.04. With this, we will be able to supervise the incoming and outgoing connections made to our server. In this tutorial, we will teach you how to configure a Firewall with UFW in Ubuntu 18.04.
Using the Ubuntu Firewall to Protect Your Server
A firewall is computer hardware or software that controls inbound and outbound traffic of a machine. In other words, it is a fairly important element of computer security. If we have a computer that connects to the Internet, it is a good idea to set it up.
Even if Linux has excellent security features preinstalled, you can never be too careful.
In this sense, Ubuntu comes with an application that facilitates the configuration of a Firewall. This is a UFW (Uncomplicated Firewall) that is presented as a front-end of Iptables. UFW commonly comes installed by default in Ubuntu 18.04. But it will most likely be disabled. UFW has a graphical interface called GUFW that you can install if we have a desktop environment.
Configuring the Firewall with UFW on Ubuntu 18.04
As we said before, UFW is installed by default in Ubuntu 18.04. Only that it is not enabled. So, the first thing to do is to enable UFW.
To do this, we must first connect to the server using SSH, or if running Ubuntu 18.04 locally, just open a terminal. If you’re having trouble logging into your server, take a look at this tutorial.
Once we have access to our server, we will enable UFW with the following command:
sudo ufw enable
If you receive the command not found error, install UFW with the following command.
sudo apt-get install ufw
Then, we have to check the UFW status.
sudo ufw status
As we can see, UFW is now enabled.
By default, UFW denies all incoming connections and allows all outgoing connections. For many users this configuration is sufficient, but if we have network services or applications, we have to establish some rules.
Setting Firewall Rules on Ubuntu 18.04 with UFW
A Firewall rule is an instruction that shapes how a Firewall works. The rules define which connections are accepted or denied.
Next, we will configure some Firewall rules using UFW:
Open and Close Ports with UFW
The ports are connection interfaces used by applications to establish a connection to a server.
With UFW it is quite easy to open or close them as we see fit. To open a port, we need to run this command:
sudo ufw allow [port/protocol]
In the case of protocols, they can be TCP or UDP. This will depend on our needs. For example:
sudo ufw allow 56/tcp
This means that all applications or services that attempt to connect to our server using port 56 will be allowed.
However, we can deny the use of that port with the following command:
sudo ufw deny 56/tcp
Now, all applications that use TCP and try to connect to the server using port 56 will not be able to do so.
We can also, in single command, open or deny a range of ports. This is great for saving time. The basic syntax looks like this:
sudo ufw allow/deny [Starting_port:Ending_port]/protocol
To open ports the command would look like the following:
sudo ufw allow 300:310/tcp
Or, to deny them:
sudo ufw deny 300:310/tcp
Working with Services on Ubuntu Firewall
There are some network services that UFW can enforce. The way to manage them is to know the port they use for making connections to the server.
For example, HTTP requires that port 80 is available and for HTTPS port 443 is available.
So, we need to run this command for HTTP:
sudo ufw allow http
The command run is equivalent to enabling port 80 as previously explained.
So, we only need to know the ports used by the network services.
Deny or Allow IP Address Connections
It is also possible to deny access for a specific IP address.
To do this, we have to execute the following command:
sudo ufw deny from IPADRESS
sudo ufw deny from 192.168.1.2
Or on the contrary, if we want to allow access to that IP address.
sudo ufw allow from 192.168.1.3
Another thing we can do is specify if we want an IP address to be able to connect only to a specific port.
sudo ufw allow from [IP_ADDRES] to any port [PORT]
In a real world scenario the command would look like this:
sudo ufw allow 192.168.1.4 to any port 44
With this, the IP address can only make a connection if it uses port 44.
Deleting a Specific Rule on Ubuntu Firewall
We can remove a specific rule from our UFW with a single command line entry! But first, we have to list them all. To do it, we have to run this command:
sudo ufw status numbered
After that, we delete the rule that we want. For example, We will delete rule number four.
sudo ufw delete 4
That’s all the basic functions you should be aware of! You’re ready to configure your server’s security the way you see fit. If you want more information, browse the UFW manual. You can access it with the following command:
sudo ufw –help
The process of configuring a Firewall in Ubuntu 18.04 is easy to do thanks to UFW. However, the application has many more options to extend the protection of our server. Here you learned all the basics that shouldn’t be skipped. We hope you found this tutorial useful! Stay safe.