When hosting your own home-environment, you probably have some services exposed to the internet (webserver, mail,…).
Good practice when exposing your server to the internet, is installing a firewall.
In this case we will install and configure UFW on Debian 12.
Installing UFW:
sudo apt update
sudo apt install ufw
Setting up UFW Defaults:
First we are going to deny all incoming requests by default.
sudo ufw default deny incoming
Then we are going to allow all outgoing connections.
sudo ufw default allow outgoing
Very important, as this is a Linux server, you’ll probably use SSH to connect to it, you don’t want to get locked out by your firewall.
Allow SSH (default port 22) to UFW
sudo ufw allow ssh
Important: If you changed the default port of SSH from 22 to for example 2000, you need to add port 2000 to the allow list, as previous command will only allow port 22
sudo ufw allow 2000
This command will allow both port 2000 TCP and UDP.
If you want to specify 2000 TCP, use:
sudo ufw allow 2000/tcp
Now SSH is added to the allow list of incoming connections, you can activate UFW.
sudo ufw enable
To check the current status of UFW:
sudo ufw status
or for a more in depth output:
sudo ufw status verbose
To disable UFW:
sudo ufw disable
To reset UFW:
sudo ufw reset