Allow Ports Through UFW Firewall in Ubuntu

Learn how to open ports in Ubuntu and allow selected services through the firewall.

If you are setting up an Ubuntu system that connects to other systems and accepts connections, you need to allow the necessary ports through the firewall.

So this guide is going to utilize the UFW (Uncomplicated Firewall) that comes pre-installed on Ubuntu.

You don't need to have the UFW activated for opening a port or changing any other rules.

Let's say you want to allow port no. 22 which is used for SSH, your command would be:

sudo ufw allow 22/tcp
Allow ssh through the firewall in Ubuntu

Now, you can check whether the rule was successfully added or not by checking the status of the firewall which also gets the added rules:

sudo ufw status
show ufw rules in ubuntu

A straightforward process right? And if you want to learn some basics of ports including the most commonly used ports, the given guide will be helpful:

Common Networking Port Numbers in Linux
Here are the common networking ports you’ll encounter in Linux.

Now let me walk you through adding some useful ports to your system.

1. Allow HTTP (Port no. 80)

To allow HTTP port through the firewall, you'd have to use the given command:

sudo ufw allow http
allow http through firewall

2. Allow HTTPS (Port no. 443)

You can similarly allow HTTPSto what I did in the case of adding HTTP. Let me show you how:

sudo ufw allow https
allow https through firewall
DigitalOcean – The developer cloud
Helping millions of developers easily build, test, manage, and scale applications of any size – faster than ever before.
Get started on DigitalOcean with a $100, 60-day credit for new users.

3. Allow HTTP and HTTPS through Subnet

Users can also specify the subnets to accept connections. So let's add HTTP and HTTPS to all IP addresses from 69.171.224.37/16 subnet.

sudo ufw allow from 69.171.224.37/16 port 80,443 proto tcp
allow http and https with firewall

3. Allow SSH from Specific IP

At the beginning of this guide, I explained how to allow SSH through a firewall but you can tweak your firewall to only allow SSH from specific IPs.

So let's suppose I want to allow SSH from 10.0.2.15 so my command would be:

sudo ufw allow from 10.0.2.15 port ssh
allow ssh to specific ip in ufw

4. Allow Apache through Firewall

It may sound complex but it's the easiest part when configuring a web server. Yep, a single is all you need:

sudo ufw allow "Apache Full"
allow apache through firewall in ubuntu
Customer Referral Landing Page - $100
Cut Your Cloud Bills in Half Deploy more with Linux virtual machines, global infrastructure, and simple pricing. No surprise bills, no lock-in, and the
Get started on Linode with a $100, 60-day credit for new users.

5. Allow NGINX through Firewall

This is similar to what I explained just above. Where you're required to use NGINX Full instead of Apache Full. Let me show you how:

sudo ufw allow "NGINX Full"
allow nginx through firewall in ubuntu

But what about deleting rules that are no longer required? It's quick and easy.

How to Delete UFW Rules in Ubuntu

The best way to delete UFW rules is to list them with numbers so we can have a better idea of what to delete and whatnot.

To list UFW rules with numbers, use the given command:

sudo ufw status numbered
List ufw rules with numbers

Now, you just have to pick a number of rules. Let's say I want to delete a rule related to Nginx so the associated number with NGINX is 5 so my command would be:

sudo ufw delete 5
delete ufw rule

But what if you want to delete each rule?

You just have to use reset option with ufw command as given:

sudo ufw reset
reset ufw in ubuntu

Conclusion

This tutorial explained how you can allow ports with various tweaks to achieve the desired end result, including deleting rules that you no longer require.

And if you have any queries, I'd love to answer them through comments.