Introduction to UFW (Uncomplicated Firewall)

1 min read Web Security Fundamentals

Introduction to UFW (Uncomplicated Firewall)

UFW provides a user-friendly interface to iptables, making firewall configuration more accessible while maintaining powerful functionality. It's particularly popular on Ubuntu systems and provides a good balance between simplicity and capability for web server protection.

Initial UFW setup:

# Install UFW (usually pre-installed on Ubuntu)
sudo apt-get install ufw

# Set default policies
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw default deny forward

# Enable UFW (WARNING: Ensure SSH is allowed first if connecting remotely)
sudo ufw allow from 10.0.0.0/24 to any port 22
sudo ufw enable

Basic web server configuration with UFW:

# Allow HTTP and HTTPS
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Allow SSH from specific subnet
sudo ufw allow from 10.0.0.0/24 to any port 22

# Check status
sudo ufw status verbose