Ufw or ‘uncomplicated firewall’ is a really nice tool that allows you to easily manage ‘iptables’ firewall in Linux with a bit more user friendly frontend instead of ‘iptable’ chains and rules.
It’s included in the most recent version of Debian and Ubuntu and we’ll start with a simple example – how to open or restrict SSH access to your cloud server.
To allow the SSH port:
ufw allow ssh
ufw allow 22/tcp
This will open the SSH port ( TCP 22 ) to the entire world.
Your cloud server is a public machine and you might want to protect it a bit better than being open to the whole Internet. To restrict the SSH access from only one IP address you can do:
ufw allow from your_ip_address to any port 22
ufw allow from 126.96.36.199 to any port 22
You can also allow SSH access to you server from a range of addresses using the network slash notation:
ufw allow from 188.8.131.52/24 to any port 22
Before we are ready to go with your new firewall setup with ‘ufw’ we can check if it’s enabled by:
and eventually if you get “status: inactive” enable it:
Get updates on cloud server security topics by following CloudBalkan.