Firewall and Security Basics (UFW) on Ubuntu
How to install and configure the UFW firewall on your VPS to prevent unauthorized access to your ports.
When you spin up a VPS, all its ports are exposed to the internet by default. It's crucial to secure them with a firewall. On Ubuntu/Debian systems, the most accessible tool is UFW (Uncomplicated Firewall).
Step 1: Installing UFW
Connect to the server via SSH (as root) and check if UFW is installed. If not, install it with the command:
apt update
apt install ufwStep 2: Allowing important ports
Critical Warning: Before enabling the firewall, you MUST allow the SSH port (port 22). If you don't do this, you will lose access to the server after activating the firewall and lock yourself out!
ufw allow 22/tcpIf you are running a web server, also allow HTTP (80) and HTTPS (443):
ufw allow 80/tcp
ufw allow 443/tcpIf a Minecraft server is running on the VPS (on the default port), allow it as well:
ufw allow 25565Step 3: Enabling the firewall
Once you have opened all the ports you need, you can enable the firewall:
ufw enableThen press 'y' (yes) to confirm that you are aware of the possible disruption to your SSH connection.
Checking the status
If you want to check which ports are currently allowed at any time, enter:
ufw status verboseDidn't find what you were looking for? Contact us.