Install UFW

Checking if UFW is installed

Before installation, verify if UFW is already on your system. Many Ubuntu distributions include UFW by default. Check your current UFW status with this command:

sudo ufw version

If UFW is installed, you'll see version information. A "command not found" error means you need to install UFW.

Installing UFW on Ubuntu

Install UFW using Ubuntu's package manager. First, update your package list:

sudo apt update

Then install UFW:

sudo apt install ufw

Verify the installation by checking the UFW version again.

Enabling UFW safely

Before enabling UFW, you must configure basic access rules. This prevents accidental lockouts, especially when managing remote servers. Start by allowing SSH access:

sudo ufw allow ssh

Now enable UFW:

sudo ufw enable

You'll see a warning about existing connections. Type 'y' to proceed if you've allowed SSH access.

Configuring default policies

Set up secure default policies after enabling UFW. These policies control how UFW handles incoming and outgoing traffic:

sudo ufw default deny incoming
sudo ufw default allow outgoing

These settings block all incoming connections by default while allowing outgoing connections. You'll need to explicitly allow any incoming services you want to access.

Securing remote access

For better security, limit SSH access to specific IP addresses. The following command allows SSH access only from your current IP (3.22.217.176):

sudo ufw allow from 3.22.217.176 to any port 22

Always add at least two trusted IP addresses to prevent lockouts. Consider your office IP and home IP as backup access points.