Alright so you’re running Linux and you’ve probably heard people say something like “You should set up a firewall” or “Make sure UFW is on.” And you’re sitting there like… okay but what even is a firewall and why should I care?
Let’s talk about how to actually use a firewall on Linux using something called UFW, which is short for Uncomplicated Firewall. And trust me, the name doesn’t lie. It’s actually simple.
Table of Contents
What’s a Firewall Anyway?
Think of a firewall like a bouncer at a party. It decides what gets in and what stays out. On your computer that means it controls what kind of network traffic is allowed or blocked.
So if you’re running a web server or even just using your laptop on public Wi-Fi you definitely want one. It helps protect your system from weird or unwanted connections.
What Is UFW?
UFW stands for Uncomplicated Firewall and it’s basically a beginner-friendly tool for managing firewall rules on Linux. It works with iptables under the hood but you don’t need to mess with any of that confusing stuff.
Most Ubuntu-based distros already come with UFW installed so you can just jump right in.
First Things First — Is UFW Installed?
Pop open your terminal and type this:
sudo ufw status
If it says “Status: inactive” then UFW is installed but not turned on yet. If it says “command not found” you can install it like this:
sudo apt install ufw
Boom. You’re ready.
How to Enable UFW
Super easy. Just type:
sudo ufw enable
It might give you a warning like “this may disrupt existing SSH connections” so be careful if you’re doing this over SSH. If you’re just on your personal machine though you’re totally fine.
Now UFW is active and your firewall is working.
Checking Status
Want to check what UFW is doing? Type:
sudo ufw status
If you want more details use:
sudo ufw status verbose
That shows you exactly which ports are open and what’s being allowed or blocked.
How to Allow or Block Stuff
Alright this is where UFW gets really useful. Here are some basic commands:
Allow a Service
If you want to allow something like SSH you’d do:
sudo ufw allow ssh
Or for a port:
sudo ufw allow 22
Same thing basically. You can also allow other services like:
sudo ufw allow http
sudo ufw allow https
That’s for web servers and stuff.
Deny a Port
Let’s say you want to block a certain port. Maybe 1234 is open and you don’t want it to be:
sudo ufw deny 1234
Easy.
Delete a Rule
If you allowed something by mistake and want to remove it:
sudo ufw delete allow 22
You can delete any rule you added using that format.
Allow from Specific IP Only
This is kind of advanced but still cool. If you only want your IP to access a server:
sudo ufw allow from 192.168.1.100 to any port 22
Replace the IP and port with whatever you want.
Disable the Firewall
If for some reason you need to turn it off:
sudo ufw disable
And yep you can turn it back on with sudo ufw enable again.
Reset Everything
Want to start over completely? You can do this:
sudo ufw reset
It’ll wipe all your rules and put UFW back to default settings.
FAQs About UFW and Firewalls on Linux
Do I really need a firewall on Linux?
Honestly yeah. Even though Linux is way more secure than Windows by default you’re still connected to the internet. It’s just smart to have one running especially on public networks or servers.
Is UFW good enough or should I use something else?
UFW is totally good enough for personal and even light server use. If you’re running something huge and complex you might want to learn iptables or firewalld but UFW gets the job done 99 percent of the time.
What happens if I allow the wrong port?
No big deal just delete the rule and you’re fine. It’s always good to double check what services you actually need open.
Does UFW slow down my computer?
Not at all. It runs in the background and uses barely any system resources.
Is UFW only for Ubuntu?
Nope. It works on most Debian-based distros and you can also get it on Arch, Manjaro, etc. You might just have to install it first.
Final Thoughts
Using a firewall sounds kinda technical but with UFW it’s honestly just a few commands and you’re good. Once you get used to it you’ll feel way more in control of your system’s security.
Plus it’s kind of cool knowing you’re not just some sitting duck online. You’ve got your firewall bouncer ready at the door.
Want help writing a custom firewall setup or locking down a web server with UFW? Just ask. I can walk you through that too.
