Debian, Home Server, Linux, Security

How to install and configure UFW – Uncomplicated FireWall

When hosting your own home-environment, you probably have some services exposed to the internet (webserver, mail,…).
Good practice when exposing your server to the internet, is installing a firewall.
In this case we will install and configure UFW on Debian 12.

Installing UFW:

sudo apt update
sudo apt install ufw

Setting up UFW Defaults:

First we are going to deny all incoming requests by default.
sudo ufw default deny incoming

Then we are going to allow all outgoing connections.
sudo ufw default allow outgoing

Very important, as this is a Linux server, you’ll probably use SSH to connect to it, you don’t want to get locked out by your firewall.
Allow SSH (default port 22) to UFW
sudo ufw allow ssh

Important: If you changed the default port of SSH from 22 to for example 2000, you need to add port 2000 to the allow list, as previous command will only allow port 22
sudo ufw allow 2000
This command will allow both port 2000 TCP and UDP.
If you want to specify 2000 TCP, use:
sudo ufw allow 2000/tcp

Now SSH is added to the allow list of incoming connections, you can activate UFW.
sudo ufw enable

To check the current status of UFW:
sudo ufw status

or for a more in depth output:
sudo ufw status verbose

To disable UFW:
sudo ufw disable

To reset UFW:
sudo ufw reset

man UFW

Tagged , , , ,

Leave a Reply

Your email address will not be published. Required fields are marked *