Ubuntu Server comes with a firewall application called UFW (Uncomplicated Firewall), which is a front-end to iptables. Here are the steps to configure the firewall on Ubuntu Server using UFW:
- Check if UFW is installed and enabled: You can check if UFW is installed and enabled using the command “sudo ufw status”. If it’s not installed, you can install it using the command “sudo apt-get install ufw”.
- Allow necessary ports and services: By default, UFW blocks all incoming connections to your system. You need to allow the necessary ports and services for your applications. For example, if you’re running a web server, you need to allow incoming connections on port 80 for HTTP and port 443 for HTTPS. You can use the command “sudo ufw allow” to allow ports and services. For example, to allow incoming connections on port 80, you can use the command “sudo ufw allow 80/tcp”.
- Block unnecessary ports and services: You should block any ports and services that are not needed. This reduces the attack surface of your system and helps to prevent unauthorized access. You can use the command “sudo ufw deny” to block ports and services. For example, to block incoming connections on port 23, you can use the command “sudo ufw deny 23/tcp”.
- Create custom rules: You can create custom firewall rules to allow or block specific IP addresses, subnets, or protocols. For example, you can block all incoming traffic from a specific IP address. You can use the command “sudo ufw insert” to create custom rules. For example, to block incoming traffic from IP address 192.168.0.100, you can use the command “sudo ufw insert 1 deny from 192.168.0.100”.
- Check and reload the firewall: After configuring the firewall, you should check whether it’s working correctly and reload it. You can use the command “sudo ufw status” to check the status of the firewall, and “sudo ufw reload” to reload the firewall.
Note that the specific commands and options for configuring a firewall may vary depending on the Linux distribution and the firewall application you’re using. Therefore, you should refer to the documentation of your specific distribution and firewall application for more detailed instructions.