Published 2022-07-16.
Time to read: 2 minutes.
All websites, especially ecommerce sites, need to be secure. A properly set up firewall is an essential component for a secure server.
Ubuntu 22.04 uses the
Uncomplicated Firewall ufw firewall
frontend by default.
Ufw has been provided for Ubuntu since v8.04 (Hardy Heron).
Quick Setup
Enable ufw as follows:
Shell
$ sudo ufw enable Firewall is active and enabled on system startup
Enable the
ufw application profiles
for ssh and nginx (HTTP/HTTPS) like this:
Shell
$ sudo ufw allow OpenSSH Output Rule added Rule added (v6) $ sudo ufw allow 'Nginx Full' Output Rule added Rule added (v6)
Diving Deeper
The following is mostly true:
The default firewall on Ubuntu 22.04 Jammy Jellyfish is
Additionally,
ufw,
which is short for “uncomplicated firewall.”
Ufw is a frontend for the typical Linux iptables commands,
but it is developed in such a way that basic firewall tasks can be performed without the knowledge of iptables.
Additionally,
ufw can be managed from a graphical interface.
In this tutorial, you will learn how to enable and disable the ufw firewall on Ubuntu 22.04 Jammy Jellyfish from both command line and GUI.
The above makes no mention of how Ubuntu 22.04 replaced iptables with nftables,
as described below.
nftables as the default firewall backend
Firewalling on Linux consists of two components – the firewall mechanism within the Linux kernel, and the tools used to configure this from userspace. The Linux kernel has traditionally supported two different subsystems for firewall policies –iptables / xtables
and the newer nftables.
Nftables brings significant benefits both in terms of performance and flexibility when creating and deploying firewall rules, particularly for dual stack IPv4/IPv6 systems.
The traditional
iptables userspace management tool now configures the nftables kernel backend, whilst the new
nft userspace tool is also present to allow the creation of more flexible rules not supported by the traditional iptables paradigm.
Digital Ocean has a good ufw tutorial.