How to set up & configure Ubuntu Firewall (UFW) for Ubuntu 18

2020-08-17 By Ryan 5803 Views linux ufw firewall security networking
4 reviews

UFW is the default firewall configuration tool for Ubuntu and it was developed to ease iptables firewall configuration. It provides a user-friendly way to create an IPv4 or IPv6 host-based firewall and it is disabled by default on the ubuntu system.

Steps to install UFW

  1. It should be installed by default in Ubuntu 18, otherwise use the command below to install.

    # apt install ufw


  2. Check the UFW status once the installation is completed.

    # ufw status verbose


  3. It is disabled by default, so use the below commands to enable and disable UFW.

    # ufw enable
    # ufw disable


Application Profiles

While installing any package with the apt command, it will add an application profile to /etc/ufw/applications.d directory to describe the service and contains UFW settings.

  1. Run the below command to list all application profiles available on your server.

    # ufw app list


  2. Run the below command to find more information about a specific profile and included rules.

    # ufw app info Apache


    Note: Replace the Application Apache with the original Application name.

Steps to Allow Connections

  1. Run the below command to allow the SSH connection.

    # ufw allow ssh


  2. Run the below command to allow any custom port.

    # ufw allow 3322/tcp


    Note: Replace the port number 3322 with your required custom port.

  3. Run the below commands to allow HTTP - Port 80 as an example.

    # ufw allow http
    # ufw allow 80/tcp


  4. Run the below commands to allow HTTPS - Port 443 as an example.

    # ufw allow https
    # ufw allow 443/tcp


  5. Run the below commands to allow both TCP and UDP port ranges as an example.

    # ufw allow 8200:8300/tcp
    # ufw allow 8200:8300/udp

    Note: Replace the port range with your required range.


  6. Run the below commands to allow specific IP addresses and specific IP addresses on a specific port as an example.

    # ufw allow from
    # ufw allow from to any port 22


    Note: Replace the IP address and port with your original IP address and required port setting.

Steps to Deny Connections

  1. Run the below command to deny all connections from an IP address.

    # ufw deny from


    Note: Replace the IP address with the original IP address.

  2. If only need to deny access to any ports from the IP address, use the below command.

    # ufw deny from to any port 80


    Note: Using deny rules is the same as using allow rules, here only need to replace allow with denying.

Delete UFW Rules

  1. You can delete the UFW rules by rule number and by specifying the actual rule. Run the below commands to check the rule number and remove UFW rules.

    # ufw status numbered
    # ufw delete 5

    Note: Replace the rule number with the original number.



  2. Run the below command to remove the UFW rule by specifying the actual rule as an example.

    # ufw delete allow 443/tcp


    Note: Replace the rule allow 443/tcp with the original rule.

Reset UFW

Resetting UFW will disable UFW and delete all active rules and it is the way if you want to revert all of your changes and start fresh.

# ufw reset


Related Tutorials

What do you think about this article?

Rate this article
Need assistance?

Try this guide to receive free bundled services at signup on a new free account.

Sign Up

Your Feedback Is Important

We hope you’ll give the new products and updates a try. If you have an idea for improving our products or want to vote on other user ideas so they get prioritized, please submit your feedback on our Community platform. And if you have any questions, please feel free to ask in the Community or contact our Technical Support team.