UFW Quickstart Guide

UFW is the default firewall configuration tool for Ubuntu. This quickstart guide outlines several useful commands and techniques to assist debugging UFW.

Enable UFW

Enable UFW with the default set of rules:

$ sudo ufw enable

View status

Check the status of the server firewall with sudo ufw status. You may see one of these results:

UFW is not installed

$ sudo ufw status
ufw: command not found

UFW is installed, but not configured

$ sudo ufw status
Status: inactive

UFW is running

The firewall rules in force are displayed.

$ sudo ufw status verbose
Status: active

To                         Action      From
--                         ------      ----
22                         ALLOW       Anywhere
22 (v6)                    ALLOW       Anywhere (v6)

Disable UFW

$ sudo ufw disable

Reset UFW to default

$ sudo ufw reset

Examples

Allow SSH, deny all others

An example that blocks all inbound traffic except SSH (port 22).

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow ssh
$ sudo ufw enable
$ sudo ufw reload

Allow port 80 (HTTP) and 443 (HTTPS), deny all others

An example that blocks all inbound traffic except HTTP and HTTPS.

$ sudo ufw default deny incoming
$ sudo ufw default allow outgoing
$ sudo ufw allow 80/tcp
$ sudo ufw allow 443/tcp
$ sudo ufw enable
$ sudo ufw reload

More Information

For more information, see our UFW documentation.

Want to contribute?

You could earn up to $600 by adding new articles.

Submit your article Suggest an update Request an article

Article