Please note this is for Linux VPS, if you host MT5 Forex VPS with us or game servers, please use the Windows Firewall guide.

UFW (Uncomplicated Firewall) is a simple and powerful firewall tool used to manage iptables on Linux servers. In this guide, you’ll learn how to install UFW and configure it properly to secure your Linux VPS.

What is UFW?

UFW (Uncomplicated Firewall) is a user-friendly firewall management tool for Ubuntu and Debian-based systems. It allows you to easily open and close ports, allow services, and secure your server.

It is commonly used to:

  • Allow SSH access (Port 22)
  • Allow web traffic (Port 80 & 443)
  • Block unauthorized access
  • Protect against brute-force attacks

Step 1: Connect to Your Server via SSH

ssh root@your-server-ip

Replace your-server-ip with your VPS IP address.

Step 2: Update Your System

apt update
apt upgrade -y

Step 3: Install UFW

apt install ufw -y

Once installed, verify the status:

ufw status

You should see:

Status: inactive

⚠ IMPORTANT: Allow SSH Before Enabling UFW

If you enable UFW without allowing SSH, you may lock yourself out of your VPS.

Allow SSH first:

ufw allow ssh

Or if using a custom SSH port (example: 2222):

ufw allow 2222/tcp

Step 4: Allow Common Ports

Allow HTTP (Port 80)

ufw allow 80/tcp

Allow HTTPS (Port 443)

ufw allow 443/tcp

Allow Specific Port (Example: 8080)

ufw allow 8080/tcp

Step 5: Enable UFW

ufw enable

Type y to confirm.

Check status:

ufw status verbose

Basic UFW Commands

Command Description
ufw status Show firewall status
ufw enable Enable firewall
ufw disable Disable firewall
ufw allow [port] Allow specific port
ufw delete allow [port] Remove allowed rule
ufw reset Reset all rules

Recommended Secure Configuration

For most VPS setups:

ufw default deny incoming
ufw default allow outgoing
ufw allow ssh
ufw allow 80
ufw allow 443
ufw enable

This configuration:

  • Blocks all incoming traffic by default
  • Allows outgoing connections
  • Allows SSH and web traffic

How to Allow Access from a Specific IP

For extra security, allow SSH only from your IP:

ufw allow from YOUR.IP.ADDRESS.HERE to any port 22

How to Block an IP Address

ufw deny from 123.456.78.90

How to View Numbered Rules

ufw status numbered

To delete a rule by number:

ufw delete 2

Common Issues & Fixes

Locked Out of Server?

  • Use your VPS provider console access
  • Run: ufw disable

Port Still Closed?

  • Ensure the application is running
  • Check cloud provider firewall settings
  • Verify correct TCP/UDP protocol

Security Tips

  • Change default SSH port
  • Disable root login
  • Install Fail2Ban
  • Regularly review UFW rules

You’re All Set 🚀

You have successfully installed and configured UFW on your Linux VPS. Your server is now significantly more secure.