Configuring Simple Firewalls in Ubuntu 14.04 Using UFW
When building up a Web Server, especially Unmanaged all you have in mind is how to secure your server right? Now you need a firewall to block and open some ports in your server.
Firstly why do I need to block a port?
Let me use MySQL for example, I install MySQL and we all know the default port for MySQL is 3306. This port becomes open in your server for external incoming connections, since am not doing Remote MySQL am shutting down the port for local use only else, I assume you know what’s DDOS Attack which attacks on open ports in your server to use up resources and leave your server knocked out of memory. It is mainly done on port 80 which is for web servers and attackers are sure the port is open. So without Firewalls, ports that are not useful externally can be left open for incoming connections and softwares like nmap can be used to scan ports in your server and know where to attack from
How to I get this Firewall?
On posting this, am using Ubuntu as a server which already has the IPTABLES to manage ports and incoming connections but this is complex. And here comes the easy and simple UFW (Uncomplicated Firewall) package which is a frontend to the IPTABLES. Installation in Ubuntu
$ sudo apt-get update $ sudo apt-get install ufw
Using UFW
Cool! Installation is done, now what next? Now add ports to keep open, as am running a web server I must keep port 80 open
$ sudo ufw allow 80
Caution: If you are logged in to your server via SSH please make sure you allow the port 22 else you can’t login again!
$ sudo ufw allow 22
Restricting a port for a type of connection, like FTPs are TCP connections, UDPs are not allowed
$ sudo ufw allow 21/tcp
How can I allow a specific package?
You might need to allow a package so that in case you change port of the package, you won’ t need to update your port list again. Let me allow SSH
$ sudo ufw allow ssh
Allowing Port Range
UFW has the feature of allowing port range but here you must specify connection type, either TCP or UDP. Let me add port range of 10 to 20
$ sudo ufw allow 10:20/tcp
Finally Activate the UFW
We never activated the UFW remember? Check with
$ sudo ufw status
Now enable with
$ sudo ufw enable
“Firewall is active and enabled on system startup”
Deleting a Rule
Here, deletion of rules are done in their serial number type in this
$ sudo ufw status numbered
Output is similar to:
To Action From -- ------ ---- [ 1] 80 ALLOW IN Anywhere [ 2] 21 ALLOW IN Anywhere [ 3] 22 ALLOW IN Anywhere [ 4] 80 (v6) ALLOW IN Anywhere (v6) [ 5] 21 (v6) ALLOW IN Anywhere (v6) [ 6] 22 (v6) ALLOW IN Anywhere (v6)
Let me delete port 22 for IPv4
$ sudo ufw delete 3
These are the few I can type 🙂 for more, read up manual
Hope it helps!