Install & setup a firewall

This document will help you install and configure a UFW firewall to secure incoming connections to your server. We will detail here the basics to customize over the tutorials available on this blog.

Sommaire du tutoriel


Before starting this tutorial, please carefully read the following prerequisites :

1. Installation

Connect in SSH to the server.

Then let’s start by updating our server :

    > sudo apt-get -y update && sudo apt-get -y upgrade && sudo apt-get autoremove

Then install the UFW firewall package :

    > sudo apt install -y ufw

2. Configuration

In our base configuration, we will disallow all incoming connections

    > sudo ufw default deny incoming

Then we will only allow connections to the SSH port (here port 22123)

    > sudo ufw allow 22123/tcp

To validate the configuration run the command :

    > sudo ufw enable

To check the status of your firewall :

    > sudo ufw status verbose

If all went well, this last command should print :

    Status: active
    Logging: on (low)
    Default: deny (incoming), allow (outgoing), disabled (routed)
    New profiles: skip
        To                         Action      From
        --                         ------      ----
        22123/tcp                  ALLOW IN    Anywhere
        22123/tcp (v6)             ALLOW IN    Anywhere (v6)