UFW (Uncomplicated Firewall) is a firewall configuration tool that runs on top of iptables, included by default within Ubuntu distributions. It provides a streamlined interface for configuring common firewall use cases via the command line.
By default, once enabled, UFW blocks external access to all ports on a server. In practice, that means if you are connected to a server via SSH and enable ufw before allowing access via the SSH port, you'll be disconnected. Make sure you follow the steps to allow SSH access before enabling the firewall.
To see what is currently blocked or allowed, use the verbose parameter when running ufw status, as follows:
sudo ufw status verbose
Allow SSH
When working with remote servers, you’ll want to make sure that the SSH port is open to connections so that you are able to log in to your server remotely.
The following command will enable the OpenSSH UFW application profile and allow all connections to the default SSH port on the server:
sudo ufw allow OpenSSH
Although less user-friendly, an alternative syntax is to specify the exact port number of the SSH service, which is typically 22:
sudo ufw allow 22
Disable UFW
If for some reason you need to disable UFW, you can do so with the following command:
sudo ufw disable
Enable UFW
To enable UFW on your system, run:
sudo ufw enable
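To avoid the SSH lockout described above, the following wrapper (an added example, not part of the original article) enables UFW only if an SSH allow rule is already staged. It reads `ufw show added`, which lists configured rules even while the firewall is inactive; the function names, the `--apply` switch and the sample rule listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: refuse to enable UFW unless an SSH allow rule is already staged.

# ssh_rule_present PORT
# Reads `ufw show added` output on stdin; succeeds if it contains one of the
# allow forms shown on this page (the OpenSSH profile, or the bare port
# number, optionally with /tcp). The match is anchored so port 2222 is not
# mistaken for port 22.
ssh_rule_present() {
    port="${1:-22}"
    grep -Eq "^ufw allow (OpenSSH|${port}(/tcp)?)\$"
}

# Constructed samples of `ufw show added` output, for offline checking.
SAMPLE_WITH_SSH="Added user rules (see 'ufw status' for running firewall):
ufw allow 80/tcp
ufw allow OpenSSH"

SAMPLE_WITHOUT_SSH="Added user rules (see 'ufw status' for running firewall):
ufw allow 80/tcp
ufw allow 2222/tcp"

# safe_enable PORT: enable UFW only when the SSH rule is staged.
safe_enable() {
    port="${1:-22}"
    if sudo ufw show added | ssh_rule_present "$port"; then
        sudo ufw enable
        sudo ufw status verbose
    else
        echo "No allow rule for OpenSSH or port $port; not enabling UFW." >&2
        echo "Run: sudo ufw allow OpenSSH" >&2
        return 1
    fi
}

# Only touch the firewall when explicitly asked: ./script.sh --apply [PORT]
if [ "${1:-}" = "--apply" ]; then
    safe_enable "${2:-22}"
fi
```

If sshd listens on a non-default port, pass that port after `--apply` so the check looks for the matching rule.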