Ubuntu Server’s firewall is called ufw. If you are running an Ubuntu Server, you definitely want to enable some kind of firewall to keep intruders out of your ports. They likely will perform a port scan and try to find weaknesses. You can prevent this by enabling ufw and then configuring it to open ports that need access and close ones that don’t.
sudo ufw enable
Check ufw status:
sudo ufw status
Allow a service to run (example: ftp, telnet, ssh, http):
sudo ufw allow http
Open a port:
sudo ufw allow 22
Close a port:
sudo ufw deny 22
Open a range of ports and specify TCP or UDP:
sudo ufw allow 300:310/tcp
Close a range of ports and specify TCP or UDP:
sudo ufw deny 300:310/tcp
Delete a service:
sudo ufw status numbered #creates a numbered list of services, example: [ 1] 21/tcp ALLOW IN Anywhere [ 2] 22/tcp ALLOW IN Anywhere [ 3] 80/tcp ALLOW IN Anywhere sudo ufw delete 3 #replace 3 with the service you want to delete
List applications that ufw can open service for:
sudo ufw app list #will generate a list similar to this: Available applications: Apache Apache Full Apache Secure CUPS OpenSSH plexmediaserver plexmediaserver-all plexmediaserver-dlna
Enable an application such as Apache. This is extremely important for a WordPress installation!
sudo ufw allow in "Apache Full"
sudo ufw disable
If you somehow screwed your ufw permissions up, you can reset them all. If you are configuring with SSH, make sure to enable your SSH service before re-enabling ufw!
sudo ufw reset
Hopefully, you have configured all of your services appropriately and have a good working firewall. If somehow this exercise is messing your server up, you can always disable it with “sudo ufw disable” until you can get more help or have more time to experiment. Happy and safe computing!