Quick guide to UFW

UFW is a useful tool, included by default in Ubuntu distributions, for configuring the firewall.

Behind the scenes, UFW still uses iptables.

Check firewall status

sudo ufw status verbose

Enable and disable the firewall

sudo ufw enable
sudo ufw disable

Block an IP address or subnet

sudo ufw deny from 203.0.113.110
sudo ufw deny from 203.0.113.0/24

Delete a rule

Use ufw delete followed by the rule:

sudo ufw delete allow from 203.0.113.110

Application profiles

Many network applications install a UFW profile.

For example, with Nginx you can allow HTTP and HTTPS traffic through the bundled profile:

sudo ufw app list
sudo ufw allow "Nginx"