How to Enable/Disable UFW Firewall on Ubuntu 18.04 & 20.04?

UFW (Uncomplicated Firewall) is Ubuntu's built-in firewall tool designed to simplify network security management. It provides an easy-to-use interface for configuring iptables rules, helping protect your Ubuntu 18.04 or 20.04 system from unauthorized access and potential attacks.

UFW follows a default-deny policy for incoming connections while allowing outgoing traffic, making it an essential security component for both servers and desktop systems.

Why Enable/Disable UFW Firewall?

Enabling UFW is crucial for system security as it creates a barrier against malicious traffic. You need to enable specific ports when running services like web servers (ports 80/443 for HTTP/HTTPS) or SSH (port 22) that require external access.

Disabling UFW may be necessary for troubleshooting network issues, installing software with specific port requirements, or in controlled environments where other security measures are in place. However, this should only be done temporarily as it exposes your system to potential threats.

Installing and Checking UFW Status

UFW comes pre-installed on Ubuntu 18.04 and 20.04, but if needed, install it using

sudo apt update
sudo apt install ufw

Check the current firewall status

sudo ufw status

For detailed information including default policies

sudo ufw status verbose

Enabling UFW Firewall

To enable UFW and activate it on system startup

sudo ufw enable

The system will display a warning about disrupting existing SSH connections. Type y to proceed.

Basic UFW Rules

Before enabling UFW, configure essential rules to avoid locking yourself out

# Allow SSH (if using remote access)
sudo ufw allow ssh

# Allow specific ports
sudo ufw allow 80/tcp    # HTTP
sudo ufw allow 443/tcp   # HTTPS
sudo ufw allow 22/tcp    # SSH

# Allow from specific IP
sudo ufw allow from 192.168.1.100

Disabling UFW Firewall

To temporarily disable UFW

sudo ufw disable

This stops the firewall but preserves all configured rules. To completely reset UFW

sudo ufw --force reset

Common Issues and Solutions

SSH Connection Lost

If you enable UFW without allowing SSH, you'll lose remote access. To prevent this

sudo ufw allow ssh
sudo ufw enable

Application Blocked by Default

Applications may be blocked after enabling UFW. Check which ports your application needs

# List application profiles
sudo ufw app list

# Allow specific application
sudo ufw allow 'Apache Full'

# Or allow specific port/protocol
sudo ufw allow 3000/tcp

Rule Conflicts

View all rules to identify conflicts

sudo ufw status numbered

Delete conflicting rules by number

sudo ufw delete 3

UFW Rule Management

Conclusion

UFW provides essential network security for Ubuntu systems through its simple command-line interface. Always configure necessary rules before enabling UFW to avoid losing access to your system. Remember that disabling UFW should only be temporary, as it leaves your system vulnerable to attacks.