Ubuntu 18 : How to add basic firewall with ufw

It should be installed by default on Ubuntu, but some virtualization images etc might not have it.

Login with ssh to your server, with a sudo abled user and install ufw

sudo apt install ufw

Note: It’s important you stay logged in while you sort this out, and that you don’t restart the server, or enable the firewall etc, until we’re done. You don’t want to lock yourself out.

Note: If you have not changed your ssh port, allow port 22, otherwise allow your custom port.

Before we do anything, let’s reset some basic rules:

sudo ufw default deny incoming
sudo ufw default allow outgoing

And now let’s first add the ssh port, for example, 22 or the custom port like 22555

sudo ufw allow 22
sudo ufw allow 22555

Additional services like 80 and 443 for web servers, or 25565 for Minecraft, might be handy to add now as well.

sudo ufw allow 80
sudo ufw allow 443

Next, since you’ve added your ssh port (go double check!) you can enable the firewall:

sudo ufw enable

If you get kicked out and can’t get back in, most servers have a control panel through the host. You can use the serial console there with a root user, to disable and reset the firewall.

sudo ufw disable
sudo ufw reset

Hopefully you don’t need that.