A firewall is a network security system, either software or hardware, that monitors and controls incoming and outgoing network traffic based on predefined security rules.
Some operating system installations include a pre-configured firewall, but many lightweight or minimal Linux distributions do not. For these systems, setting up a firewall is essential for security.
A popular, user-friendly firewall tool is ufw, which stands for Uncomplicated Firewall. It simplifies the process of configuring firewall rules, providing an intuitive yet effective way to secure your system.
To install ufw on Debian-based Linux distributions, update the package sources and install it with apt:
sudo apt update
sudo apt install ufw
Configure the default policies to deny all incoming traffic and allow all outgoing traffic for a secure baseline:
sudo ufw default deny incoming
sudo ufw default allow outgoing
Use the allow and limit commands to customize permitted services. The limit command rate-limits repeated connection attempts from the same address, which makes it particularly useful for services like SSH as a defence against brute-force attacks. The following example rate-limits SSH and allows HTTP and HTTPS:
sudo ufw limit 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
Enable logging to monitor firewall activity. The low setting provides a balance between useful information and minimal log clutter:
sudo ufw logging low
Apply the changes by enabling ufw. This will activate the firewall with your configured rules:
sudo ufw enable
Note: Ensure you have allowed necessary services before enabling the firewall to avoid locking yourself out of the system.
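To confirm that the running firewall matches the baseline configured above, the following added example (not part of the original page) audits the text of `ufw status verbose` and reports each deviation. The function name audit_ufw_baseline is hypothetical, and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `ufw status verbose` text (on stdin) against the
# baseline above. Prints one line per deviation; returns 1 if any are found.
audit_ufw_baseline() {
    awk '
        index($0, "Status: active") == 1    { active = 1 }
        index($0, "Logging: on (low)") == 1 { logging = 1 }
        index($0, "Default: deny (incoming), allow (outgoing)") == 1 { defaults = 1 }
        # IPv4 rule rows look like: 22/tcp  LIMIT IN  Anywhere
        $NF == "Anywhere" && $2 == "LIMIT" && $1 == "22/tcp"  { ssh = 1 }
        $NF == "Anywhere" && $2 == "ALLOW" && $1 == "22/tcp"  { ssh_open = 1 }
        $NF == "Anywhere" && $2 == "ALLOW" && $1 == "80/tcp"  { http = 1 }
        $NF == "Anywhere" && $2 == "ALLOW" && $1 == "443/tcp" { https = 1 }
        END {
            if (!active)   { print "firewall is not active"; bad++ }
            if (!defaults) { print "defaults are not deny incoming / allow outgoing"; bad++ }
            if (!logging)  { print "logging is not on (low)"; bad++ }
            if (ssh_open)  { print "22/tcp is allowed without rate limiting"; bad++ }
            else if (!ssh) { print "22/tcp has no limit rule"; bad++ }
            if (!http)     { print "80/tcp is not allowed"; bad++ }
            if (!https)    { print "443/tcp is not allowed"; bad++ }
            exit (bad > 0)
        }
    '
}

# Constructed sample: status after running the commands above.
SAMPLE_GOOD='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
To                         Action      From
--                         ------      ----
22/tcp                     LIMIT IN    Anywhere
80/tcp                     ALLOW IN    Anywhere
443/tcp                    ALLOW IN    Anywhere
22/tcp (v6)                LIMIT IN    Anywhere (v6)'

# Constructed sample with drift: permissive default, no logging,
# SSH allowed without rate limiting, HTTPS rule missing.
SAMPLE_DRIFTED='Status: active
Logging: off
Default: allow (incoming), allow (outgoing), disabled (routed)
To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
80/tcp                     ALLOW IN    Anywhere'

printf '%s\n' "$SAMPLE_DRIFTED" | audit_ufw_baseline || echo "baseline drift detected"
```

On a live system, pipe the real output into the function: sudo ufw status verbose | audit_ufw_baseline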