Configuring Simple Firewalls in Ubuntu 14.04 Using UFW

When building up a Web Server, especially Unmanaged all you have in mind is how to secure your server right? Now you need a firewall to block and open some ports in your server.

Firstly why do I need to block a port?

Let me use MySQL for example, I install MySQL and we all know the default port for MySQL is 3306. This port becomes open in your server for external incoming connections, since am not doing Remote MySQL am shutting down the port for local use only else, I assume you know what’s DDOS Attack which attacks on open ports in your server to use up resources and leave your server knocked out of memory. It is mainly done on port 80 which is for web servers and attackers are sure the port is open. So without Firewalls, ports that are not useful externally can be left open for incoming connections and softwares like nmap can be used to scan ports in your server and know where to attack from

How to I get this Firewall?

On posting this, am using Ubuntu as a server which already has the IPTABLES to manage ports and incoming connections but this is complex. And here comes the easy and simple UFW (Uncomplicated Firewall) package which is a frontend to the IPTABLES. Installation in Ubuntu

$ sudo apt-get update

$ sudo apt-get install ufw 

Using UFW
Cool! Installation is done, now what next? Now add ports to keep open, as am running a web server I must keep port 80 open

$ sudo ufw allow 80

 

Caution: If you are logged in to your server via SSH please make sure you allow the port 22 else you can’t login again!

$ sudo ufw allow 22

 

Restricting a port for a type of connection, like FTPs are TCP connections, UDPs are not allowed

$ sudo ufw allow 21/tcp

 

How can I allow a specific package?

You might need to allow a package so that in case you change port of the package, you won’ t need to update your port list again. Let me allow SSH

$ sudo ufw allow ssh

 

Allowing Port Range

UFW has the feature of allowing port range but here you must specify connection type, either TCP or UDP. Let me add port range of 10 to 20

$ sudo ufw allow 10:20/tcp

 

Finally Activate the UFW

We never activated the UFW remember? Check with

$ sudo ufw status

 

Now enable with

$ sudo ufw enable

 

“Firewall is active and enabled on system startup”

Deleting a Rule

Here, deletion of rules are done in their serial number type in this

$ sudo ufw status numbered

Output is similar to:

    To                         Action      From
--                         ------      ----
[ 1] 80                         ALLOW IN    Anywhere
[ 2] 21                         ALLOW IN    Anywhere
[ 3] 22                         ALLOW IN    Anywhere
[ 4] 80 (v6)                    ALLOW IN    Anywhere (v6)
[ 5] 21 (v6)                    ALLOW IN    Anywhere (v6)
[ 6] 22 (v6)                    ALLOW IN    Anywhere (v6)

Let me delete port 22 for IPv4

$ sudo ufw delete 3

These are the few I can type 🙂 for more, read up manual

Hope it helps!