Working with UFW on Ubuntu

This is a basic orientation for the UFW application. This should provide insights you’re probably not aware of, but many might assume you already know.

Is a wrapper that sits on top of IPTables. This means you can use IPTables directly without the UFW application.
Will explicitly block everything by default. It assumes a security by default configuration. Note: If you enable it you might lock yourself out unintentionally and you might kill traffic (especially if a web server).
It comes installed on the latest distros (earlier distro’s require you to install), but disabled by default. You must take the action to enable it if you want to protect your system.

I like that, by default, it distrusts the world – blocking everything. Instead of worrying what needs to be closed, it makes you focus on what you need to open.

A Practical Application – Working with a Web Server

If you’re configuring a web server, you might want to consider the following configurations:

Traffic needs to reach the Apache application (port 80 / 443)
You need to be able to connect using secure transfers mediums like SSH / SFTP (port 22)
Consider if you want to send or receive mail (port 25)

UFW was introduced to simplify the process of using IPTables. Keep this in mind and you’ll better appreciate it’s application and the associated syntax.

In the above example, working a web server, this is how you would make sure each application works.

One approach might be to open the ports themselves, independent of the application:


# ufw allow 80/tcp
# ufw allow 443/tcp
# ufw allow 22
# ufw 25

Alternatively, you could use basic language like this to open the ports associated with an application:


# ufw allow ‘Apache Full’
# ufw allow ssh

# ufw allow http
# ufw allow https

In each instance, the common name will open the associated ports with Apache and SSH.

Enabling and disabling is straight forward. When you have your configuration set, enable UFW and check the status of your configurations.

# ufw enable
# ufw status

The status command will give you a good list of what you’ve configured.

A great resource to dive deeper into the possible configurations can be found on DigitalOcean’s UFW Essentials: Common Firewall Rules and Commands.

Posted in Security_Configurations Linux Security Ubuntu by noc_team

NOC.org

Website security is our passion. In this section we will share articles about web attacks and how to secure your sites.

NOC.org Services

NOC offers a number of services.

NOC Free Services

NOC powers a number of free tools:

NOC Help Documentation

These categories organize our help documentation:

Latest Articles

2022-10-13
Registries, Registrars and DNS

2022-10-13
WooCommerce Patches Two SQLi Vulnerabilities

2022-10-13
The Affects of a CDN on your Websites Performance and Users Experience (and Google)

2022-10-13
Responding to Security Incidents – Incident Response Plan Basics and Log4Shell

2022-10-13
Securing WordPress in The Enterprise

2022-10-13
Log4Shell – Lessons Learned in 30 Days

Latest Help Documents

2022-10-17
How To Change Nameservers on NameCheap

2022-10-17
How To Change Nameservers on Hover

2022-10-17
How To Change Nameservers on GoDaddy

2022-10-17
How To Change Nameservers on Network Solutions

2022-09-30
Getting started Website Monitoring

2022-09-30
Getting started w/Authoritative DNS

Contact us!

Do you have an idea for an article that is not here? See something wrong? Contact us at support@noc.org