{"id":617,"date":"2025-12-19T17:57:13","date_gmt":"2025-12-19T13:57:13","guid":{"rendered":"https:\/\/hostatto.com\/blog\/?p=617"},"modified":"2025-12-19T18:00:03","modified_gmt":"2025-12-19T14:00:03","slug":"setting-up-a-firewall-for-a-server-using-ufw","status":"publish","type":"post","link":"https:\/\/hostatto.com\/blog\/setting-up-a-firewall-for-a-server-using-ufw.html","title":{"rendered":"Setting up a Firewall for a Server Using UFW"},"content":{"rendered":"<p>UFW is a convenient wrapper around iptables.<\/p>\n<h2>1. Checking and installing UFW<\/h2>\n<blockquote><p>sudo apt update<br \/>\nsudo apt install ufw -y\n<\/p><\/blockquote>\n<p>Examination:<\/p>\n<blockquote><p>ufw status\n<\/p><\/blockquote>\n<p>Most likely: Status: inactive. This is normal.<\/p>\n<h2>2. You must allow SSH (otherwise you'll crash!)<\/h2>\n<blockquote><p>sudo ufw allow OpenSSH\n<\/p><\/blockquote>\n<h2> 3. Allow the required services <\/h2>\n<p>For web server:<\/p>\n<blockquote><p>sudo ufw allow 80\/tcp     # HTTP<br \/>\nsudo ufw allow 443\/tcp    # HTTPS\n<\/p><\/blockquote>\n<p>If you are planning Python \/ API (e.g. 8000):<\/p>\n<blockquote><p>sudo ufw allow 8000\/tcp\n<\/p><\/blockquote>\n<h2> 4. Turn on the firewall<\/h2>\n<blockquote><p>sudo ufw enable\n<\/p><\/blockquote>\n<p>Confirm <strong>y<\/strong><\/p>\n<h2>5. Checking the result<\/h2>\n<blockquote><p>sudo ufw status verbose\n<\/p><\/blockquote>\n<p>It should be something like this:<\/p>\n<blockquote><p>Status: active<\/p>\n<p>22\/tcp     ALLOW Anywhere<br \/>\n80\/tcp     ALLOW Anywhere<br \/>\n443\/tcp    ALLOW Anywhere\n<\/p><\/blockquote>\n<p>Hard ground rules (recommended)<\/p>\n<blockquote><p>sudo ufw default deny incoming<br \/>\nsudo ufw default allow outgoing\n<\/p><\/blockquote>\n<p>Applying<\/p>\n<blockquote><p>sudo ufw reload\n<\/p><\/blockquote>\n<p>\u2705 Firewall is ready<\/p>\n","protected":false},"excerpt":{"rendered":"<p>...<\/p>\n","protected":false},"author":1,"featured_media":341,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[82,81,22,80],"class_list":["post-617","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-firewall","tag-iptables","tag-server","tag-ufw"],"_links":{"self":[{"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/posts\/617","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/comments?post=617"}],"version-history":[{"count":0,"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/posts\/617\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/media\/341"}],"wp:attachment":[{"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/media?parent=617"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/categories?post=617"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostatto.com\/blog\/wp-json\/wp\/v2\/tags?post=617"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}