dedicated server<\/span><\/a><\/strong>\u00a0from unwanted connections to private services that you may want to disable from the public internet.<\/p>\nBy default the firewall in Ubuntu is disabled. In this article we’ll explain how to use uncomplicated\u00a0firewall (ufw) to configure iptables<\/strong>, which you may use this guide on other distributions if ufw is installed.<\/p>\n1.<\/strong>\u00a0Gain root access within the console\/SSH by executing\u00a0‘sudo su’<\/strong><\/p>\n2.<\/strong>\u00a0Add a rule to allow SSH so we don’t disconnected by executing\u00a0‘ufw allow [sshportnumberhere]\/tcp’<\/strong><\/p>\nYou also may add other services such as http with\u00a0‘ufw allow 80\/tcp’<\/strong><\/p>\n3.<\/strong>\u00a0Enable the firewall by executing\u00a0‘ufw enable’<\/strong><\/p>\nTo allow udp ports, replace tcp with udp. For example:\u00a0‘ufw allow portnumberhere\/udp’<\/strong><\/p>\nIf you need open a range of ports you can execute\u00a0‘ufw allow 100:200\/tcp’<\/strong>\u00a0to allow connects from port 100 to port 200.<\/p>\n– You may replace\u00a0‘tcp’<\/strong>\u00a0with\u00a0‘udp’<\/strong>\u00a0if you need to open udp ports.
\nIf you need to deny a specific IP, execute\u00a0‘ufw deny from ipaddresshere’<\/strong><\/p>\n-You can deny an entire\u00a0subnet\/block<\/strong>\u00a0by executing\u00a0‘ufw deny from ipaddress\/subnetprefix’<\/strong>
\nRemoving a rule in the firewall is a very simple task.<\/p>\n1.<\/strong>\u00a0Execute\u00a0‘ufw status numbered’<\/strong>\u00a0and look for the rule you’d like to remove.<\/p>\n2.<\/strong>\u00a0Execute\u00a0‘ufw delete rulenumberhere’<\/strong>\u00a0to remove the rule.<\/p>\nWe suggest if you’re using this command, also remove the\u00a0IPv6<\/strong>\u00a0rules by following steps 2 and 3. Each time you delete a rule, the numbering changes.<\/p>\n==============<\/strong><\/p>\nAdvanced settings<\/strong><\/p>\n==============<\/strong><\/p>\nYou can specify an IP or IP subnet to only have access to a specific port. For this example: SSH.<\/p>\n
1.<\/strong>\u00a0We need to add the rule to allow the IP to connect port 22 and ignore all others by executing ‘ufw allow from theipyouwanttopasshere to any port 22 proto tcp’<\/p>\nYou can change\u00a0‘tcp’<\/strong>\u00a0to\u00a0‘udp’<\/strong>\u00a0if you need to open an udp port.
\n2.<\/strong>\u00a0Remove any other rule that allows port 22 to all connections by executing ‘ufw status numbered’<\/p>\n3.<\/strong>\u00a0Remove the rule by executing\u00a0‘ufw delete rulenumberhere’<\/strong><\/p>\nWe suggest if you’re using this command, also remove the IPv6 rules by following steps 2 and 3. Each time you delete a rule, the numbering changes.<\/p>\n
Also please keep in mind that when you apply this rule, if you’re not in the IP or in the IP subnet specified, you will get disconnected.<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"open","ping_status":"closed","template":"","format":"standard","manualknowledgebasecat":[229],"manual_kb_tag":[263],"_links":{"self":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb\/2370"}],"collection":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb"}],"about":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/types\/manual_kb"}],"author":[{"embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/comments?post=2370"}],"version-history":[{"count":1,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb\/2370\/revisions"}],"predecessor-version":[{"id":2371,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb\/2370\/revisions\/2371"}],"wp:attachment":[{"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/media?parent=2370"}],"wp:term":[{"taxonomy":"manualknowledgebasecat","embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manualknowledgebasecat?post=2370"},{"taxonomy":"manual_kb_tag","embeddable":true,"href":"https:\/\/support.aklwebhost.com\/wp-json\/wp\/v2\/manual_kb_tag?post=2370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}