Setting up a Firewall for a Server Using UFW

UFW is a convenient wrapper around iptables.

1. Checking and installing UFW

sudo apt update
sudo apt install ufw -y

Examination:

ufw status

Most likely: Status: inactive. This is normal.

2. You must allow SSH (otherwise you'll crash!)

sudo ufw allow OpenSSH

3. Allow the required services

For web server:

sudo ufw allow 80/tcp # HTTP
sudo ufw allow 443/tcp # HTTPS

If you are planning Python / API (e.g. 8000):

sudo ufw allow 8000/tcp

4. Turn on the firewall

sudo ufw enable

Confirm y

5. Checking the result

sudo ufw status verbose

It should be something like this:

Status: active

22/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere

Hard ground rules (recommended)

sudo ufw default deny incoming
sudo ufw default allow outgoing

Applying

sudo ufw reload

✅ Firewall is ready