How to Setup a Firewall on a VPS Using UFW

Introduction

When you create a VPS, all ports are usually open by default. This means your server is exposed to the internet, which can lead to security risks.

A firewall helps you control which traffic is allowed and which is blocked.

In this guide, you will learn how to set up a firewall on your VPS using UFW in a simple and secure way.

Table of Contents

1. What is a Firewall?
2. What is UFW?
3. Installing UFW
4. Allowing Required Ports
5. Enabling the Firewall
6. Checking Firewall Status
7. Common Commands
8. Conclusion

What is a Firewall?

A firewall is a security system that controls incoming and outgoing traffic on your server.

It decides:

• Which connections are allowed
• Which connections are blocked

This helps protect your VPS from unauthorized access.

What is UFW?

UFW stands for Uncomplicated Firewall. It is a simple tool used to manage firewall riles on Linux servers.

Instead of writing complex firewall rules, UFW allows you to use simple commands. It is widely used and beginner-friendly.

Installing UFW

Before we install UFW, we need to update our server.

sudo apt update

Now install UFW:

sudo apt install ufw

To verify the installation, check the version:

ufw version 

If you see the version, it means ufw is installed correctly.

Allowing Required Ports

Before enabling the firewall, you must allow essential ports.

1. Allow SSH

You must allow port 22 to access your server using ssh.

sudo ufw allow 22

Without this you may lose access to your server.

2. Allow HTTP

sudo ufw allow 80

This port allows http requests to your server.

3. Allow HTTPS

sudo ufw allow 443

This port allows https requests to your server.

Enabling the Firewall

Now enable UFW:

sudo ufw enable

You will be asked to confirm the firewall. Confirm it.

Your firewall is now active.

Checking Firewall Status

To check the status of firewall, run:

sudo ufw status 

You will see something like this:

Status: active
 
To                         Action      From
--                         ------      ----
OpenSSH                    LIMIT       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
OpenSSH (v6)               LIMIT       Anywhere (v6)
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
 

As you can see the firewall status and the allowed ports.

Common Commands

Here is the list of some common UFW commands to configure the firewall.

Allow a port:

sudo ufw allow port

Deny a port:

sudo ufw deny port

Delete a rule

sudo ufw delete allow port

Note: Replace port with the actual port you want such as 3000, 8000.

Disable firewall:

sudo ufw disable

Conclusion

Setting up a firewall is one of the most important steps in securing your VPS.

In this guide, you learned how to:

• Install UFW
• Allow required ports
• Enable and manage firewall rules

This simple setup helps protect your server from unwanted access and improve overall security.