Managing network security on various endpoints can be a challenging task. Adorned by its name, Uncomplicated Firewall, also known as UFW, provides an easy command line interface to manage network security for endpoints.

UFW provides a user-friendly framework for managing netfilter and a command-line interface for working with the firewall. On top of that, if you’d rather not deal with the command line, UFW has a few GUI tools, such as Gufw, that make working with the system incredibly simple.

To start off, you have to install the UFW package to your operating system using the following command.

apt update -y && apt install ufw

After UFW is installed, you want to make sure to either enable or disable IPV6 support in the configuration file by setting IPV6=yes or IPV6=no depending on your system's configuration.

nano /etc/default/ufw

Following up, set up the default policies for your device. In this example, we are blocking any incoming connections but allowing any outgoing connections by default.

sudo ufw default deny incoming
sudo ufw default allow outgoing

To allow incoming connections from SSH, you need to run the following command. If you are running SSH on a different port, make sure to change that to whatever suits your needs.

ufw allow 22

You can also check out the list of applications and their information registered in UFW using the following commands.

ufw app list
ufw app info "Nginx Full"

Allowing both HTTP and HTTPS traffic using Nginx has never been easier than running the following command

ufw allow "Nginx Full"

Finally, you can enable UFW by entering the following command.

ufw enable

You are now running a machine with a rather uncomplicated firewall configured. You can check UFW's status at any time using ufw status. Also, make sure to check out any additional command you need using ufw help! 🔥

Post image by MasterTux