How do I enable UFW in Ubuntu? Learn how to protect your box

How do I enable UFW in Ubuntu - Learn how to protect your box
So how do you enable UFW in Ubuntu Linux 20.04 / 18.04 / 16.04 LTS server or desktop system to protect yourself from hackers and crackers? Let us see how easy it is to use ufw on Linux.

What is UFW?

ufw means an uncomplicated firewall. It provides both a command-line interface and a framework for managing a Netfilter (iptables) firewall. We can protect the cloud server or desktop with IPv4 and IPv6. You can be an Ubuntu developer or sysadmin. One must quickly enable UFW in Ubuntu to secure servers and desktop.

Enabling UFW on Ubuntu 20.04 / 18.04 / 16.04 LTS

  1. Open the terminal application.
  2. For remote server login using the ssh command. For instance:
    ssh user@your-server-ip-address-here
    ssh vivek@aws-ec2-server-ip
  3. Next, gain a root shell on Ubuntu box:
    sudo -i
  4. Before we enable ufw, open, and allow access to our ssh port, we don’t want to be locked out:
    ufw allow ssh
  5. Make sure we allow outgoing connect from our Ubuntu Linux desktop or server:
    ufw default allow outgoing
  6. Block all incoming connection except ssh by default:
    ufw default deny incoming
  7. Turn on and enable ufw to protect us from hackers, run:
    ufw enable
  8. That is all.

Viewing ufw firewall status

All you have to do is type the following command:
sudo systemctl status ufw.service
Which should produce outputs as follows:

● ufw.service - Uncomplicated firewall
     Loaded: loaded (/lib/systemd/system/ufw.service; enabled; vendor preset: enabled)
     Active: active (exited) since Wed 2020-10-28 10:21:19 UTC; 5 days ago
       Docs: man:ufw(8)
    Process: 2608481 ExecStart=/lib/ufw/ufw-init start quiet (code=exited, status=0/SUCCESS)
   Main PID: 2608481 (code=exited, status=0/SUCCESS)

Oct 28 10:21:19 nixcraft-server-1 systemd[1]: Starting Uncomplicated firewall...
Oct 28 10:21:19 nixcraft-server-1 systemd[1]: Finished Uncomplicated firewall.

We can also run the ufw command:
sudo ufw status
And it will list rules:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             

Okay, I enabled ufw, what next?

We can open additional ports. Are you running a web server such as Apache or Lighttpd, or Nginx? Let us open TCP port 80 (HTTP) and (HTTPS):
sudo ufw allow http
sudo ufw allow https
sudo ufw status

Want to block an attacker’s IP address or subnet? Fear not, we can do that too:
$ sudo ufw deny from to any
$ sudo ufw deny from to any
$ sudo ufw insert 1 deny from comment 'block hacker'
$ sudo ufw insert 1 reject from

Of course, replace with an actual IP address or CIDR (Classless inter-domain routing), but you know that, don’t you? How about blocking outdate ports such those used by telnet (TCP/23) and ftp (21/20)? Here is how to do that too:
sudo ufw deny ftp
sudo ufw deny telne

Oh, we can block/deny by port number too:
sudo ufw deny 4444/tcp
How cool is that?

How about easy to use GUI tool for firewall management on Ubuntu Desktop?

Of course, not everyone is comfortable using the command line, especially developers and new Ubuntu desktop or laptop users. Let me offer you a gufw tool. It is an easy and spontaneous way to manage your Ubuntu Linux firewall. It supports everyday tasks such as allowing or blocking per-configured, familiar p2p, or individual port(s), and many others!

Installing gufw

Open the terminal application and then type the following apt command/apt-get command to install it:
sudo sh -c 'apt update && apt upgrade && apt install gufw'
Enabling UFW in Ubuntu using GUI tool called gufw installation

Configuring firewall with gufw

All you have to do is type the following command:
$ sudo gufw
For most users set setting as:

  • Profile=Home
  • Status=On
  • Incoming=Deny
  • Outgoing=Allow

You can add custom firewall rules by clicking on the Rules and + icon:

gufw screenshot for Ubuntu Desktop

gufw in action

Check out Gufw documentation for getting the most out of your firewall on Ubuntu.


We learned some simple but effective firewalling with ufw to protect ourselves from the scum of the Internet. Staying safe is essential. Always open only desired TCP and UDP ports. Ensure you write secure code and never trust user inputs for all your web-facing or internal services. Want to learn more? See:

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 2 comments so far... add one
CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
2 comments… add one
  • Mr. Dada Mar 9, 2021 @ 16:20

    Useful and to the point. thank you

  • Tony Mar 10, 2021 @ 7:33

    What about firewalld on Ubuntu? Is it possible?

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum