{"id":147,"date":"2026-05-26T23:28:02","date_gmt":"2026-05-27T06:28:02","guid":{"rendered":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/"},"modified":"2026-05-26T23:28:02","modified_gmt":"2026-05-27T06:28:02","slug":"how-to-configure-ufw-firewall-ubuntu","status":"publish","type":"post","link":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/","title":{"rendered":"How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)"},"content":{"rendered":"<h2>Overview<\/h2>\n<p>UFW (Uncomplicated Firewall) is a front-end for iptables that ships with Ubuntu and makes managing firewall rules far less painful. If you&#8217;ve just spun up a new Ubuntu VPS or dedicated server, your server is likely accepting connections on every port by default. That&#8217;s a problem.<\/p>\n<p>Most hosting security incidents I&#8217;ve seen start with an exposed port that nobody meant to leave open \u2014 Redis running on port 6379, an unprotected MySQL port, or a forgotten test application. UFW lets you define exactly what traffic is allowed in and silently drops everything else.<\/p>\n<p>This guide covers UFW setup from scratch on Ubuntu 22.04 and 24.04, including the rules you&#8217;ll actually need for a web hosting environment. If you&#8217;re running a <a href=\"https:\/\/www.hostandtech.com\/vps-ssd-servers\">VPS SSD Hosting<\/a> plan at Host &amp; Tech, this is one of the first things you should do after provisioning.<\/p>\n<h2>Prerequisites<\/h2>\n<ul>\n<li>Ubuntu 20.04, 22.04, or 24.04 (steps apply to all three)<\/li>\n<li>Root or sudo access to the server<\/li>\n<li>SSH access confirmed and working before you start<\/li>\n<li>Your server&#8217;s IP address (check your Host &amp; Tech control panel if needed)<\/li>\n<li>Basic comfort running commands in a terminal<\/li>\n<\/ul>\n<h2>Step-by-Step Instructions<\/h2>\n<h3>Step 1: Install UFW<\/h3>\n<p>UFW comes pre-installed on most Ubuntu images. Verify it&#8217;s there and install it if not:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-1\"><code class=\"\" data-line=\"\">sudo apt update\nsudo apt install ufw -y<\/code><\/pre>\n<\/div>\n<h3>Step 2: Check UFW Status<\/h3>\n<p>Before enabling anything, check the current state:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-2\"><code class=\"\" data-line=\"\">sudo ufw status verbose<\/code><\/pre>\n<\/div>\n<p>You&#8217;ll likely see <code class=\"\" data-line=\"\">Status: inactive<\/code>. That&#8217;s expected at this point. Don&#8217;t enable it yet.<\/p>\n<h3>Step 3: Set Default Policies<\/h3>\n<p>This is the foundation. You&#8217;re telling UFW to deny all incoming traffic and allow all outgoing traffic by default. Add your exceptions after this, never before.<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-3\"><code class=\"\" data-line=\"\">sudo ufw default deny incoming\nsudo ufw default allow outgoing<\/code><\/pre>\n<\/div>\n<p>\ud83d\udcdd Note: These defaults mean any port you don&#8217;t explicitly allow will be blocked. That&#8217;s exactly what you want.<\/p>\n<h3>Step 4: Allow SSH Before Enabling UFW<\/h3>\n<p>\u26a0 Warning: This is the step that locks people out of their servers. Do not skip it. If you enable UFW before allowing SSH, you will lose access and need to use the Host &amp; Tech console or rescue mode to recover.<\/p>\n<p>If you&#8217;re running SSH on the default port 22:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-4\"><code class=\"\" data-line=\"\">sudo ufw allow ssh<\/code><\/pre>\n<\/div>\n<p>If you&#8217;ve changed SSH to a custom port (say, 2222):<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-5\"><code class=\"\" data-line=\"\">sudo ufw allow 2222\/tcp<\/code><\/pre>\n<\/div>\n<p>\ud83d\udcdd Note: <code class=\"\" data-line=\"\">allow ssh<\/code> is a named profile shortcut. It resolves to port 22\/tcp using UFW&#8217;s built-in application profiles stored in <code class=\"\" data-line=\"\">\/etc\/ufw\/applications.d\/<\/code>. Using named profiles is fine, but always confirm what port they map to if you&#8217;ve modified SSH config.<\/p>\n<h3>Step 5: Allow Web Traffic<\/h3>\n<p>For a typical web server running Apache or Nginx, you&#8217;ll want HTTP and HTTPS open:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-6\"><code class=\"\" data-line=\"\">sudo ufw allow http\nsudo ufw allow https<\/code><\/pre>\n<\/div>\n<p>Or using port numbers directly:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-7\"><code class=\"\" data-line=\"\">sudo ufw allow 80\/tcp\nsudo ufw allow 443\/tcp<\/code><\/pre>\n<\/div>\n<p>If you&#8217;re running cPanel\/WHM on this server, you&#8217;ll need a broader set of ports. Add them in one go:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-8\"><code class=\"\" data-line=\"\">sudo ufw allow 2082\/tcp\nsudo ufw allow 2083\/tcp\nsudo ufw allow 2086\/tcp\nsudo ufw allow 2087\/tcp\nsudo ufw allow 2095\/tcp\nsudo ufw allow 2096\/tcp<\/code><\/pre>\n<\/div>\n<h3>Step 6: Allow Mail Ports (If Needed)<\/h3>\n<p>Only open these if this server handles email directly. Don&#8217;t open mail ports on application servers that don&#8217;t need them.<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-9\"><code class=\"\" data-line=\"\">sudo ufw allow 25\/tcp\nsudo ufw allow 465\/tcp\nsudo ufw allow 587\/tcp\nsudo ufw allow 110\/tcp\nsudo ufw allow 143\/tcp\nsudo ufw allow 993\/tcp\nsudo ufw allow 995\/tcp<\/code><\/pre>\n<\/div>\n<h3>Step 7: Enable UFW<\/h3>\n<p>Once you&#8217;ve added all the rules you need, enable UFW:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-10\"><code class=\"\" data-line=\"\">sudo ufw enable<\/code><\/pre>\n<\/div>\n<p>You&#8217;ll see a prompt warning you that enabling UFW may disrupt existing SSH connections. If you&#8217;ve completed Step 4, type <code class=\"\" data-line=\"\">y<\/code> and press Enter.<\/p>\n<h3>Step 8: Verify Your Rules<\/h3>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-11\"><code class=\"\" data-line=\"\">sudo ufw status numbered<\/code><\/pre>\n<\/div>\n<p>The <code class=\"\" data-line=\"\">numbered<\/code> flag adds rule numbers alongside each entry, which makes deleting specific rules much easier later.<\/p>\n<h3>Step 9: Allow or Block Specific IP Addresses<\/h3>\n<p>You can whitelist a specific IP for a service like MySQL that should never be public-facing:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-12\"><code class=\"\" data-line=\"\"># Allow only a specific IP to connect to MySQL\nsudo ufw allow from 203.0.113.50 to any port 3306\n\n# Block a specific IP entirely\nsudo ufw deny from 198.51.100.10<\/code><\/pre>\n<\/div>\n<p>In my experience, locking MySQL (3306) down to specific IPs is one of the most impactful things you can do on a database server. Leaving it open to the world is asking for brute-force attempts.<\/p>\n<h3>Step 10: Delete a Rule<\/h3>\n<p>Run <code class=\"\" data-line=\"\">sudo ufw status numbered<\/code> first to get rule numbers, then delete by number:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-13\"><code class=\"\" data-line=\"\">sudo ufw delete 3<\/code><\/pre>\n<\/div>\n<p>Or delete by rule specification:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-14\"><code class=\"\" data-line=\"\">sudo ufw delete allow 8080\/tcp<\/code><\/pre>\n<\/div>\n<h3>Step 11: Rate Limiting (Optional but Recommended)<\/h3>\n<p>UFW has a built-in rate limiting option that&#8217;s genuinely useful for SSH. It automatically blocks IPs that attempt more than 6 connections in 30 seconds:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-15\"><code class=\"\" data-line=\"\">sudo ufw limit ssh<\/code><\/pre>\n<\/div>\n<p>This won&#8217;t replace something like Fail2Ban, but it&#8217;s a quick layer of protection that takes one command to enable.<\/p>\n<h2>Common Issues &amp; Troubleshooting<\/h2>\n<h3>Locked Out of SSH After Enabling UFW<\/h3>\n<p>This happens when UFW is enabled before adding an SSH allow rule. If you&#8217;re on a Host &amp; Tech VPS or dedicated server, use the out-of-band console in your client portal (under Server Management &gt; Console Access). From there, run:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-16\"><code class=\"\" data-line=\"\">sudo ufw allow ssh\nsudo ufw reload<\/code><\/pre>\n<\/div>\n<p>If UFW is blocking all access and you can&#8217;t even reach the console easily, you can disable UFW temporarily:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-17\"><code class=\"\" data-line=\"\">sudo ufw disable<\/code><\/pre>\n<\/div>\n<h3>UFW Is Active But Traffic Is Still Blocked<\/h3>\n<p>This is usually a conflict with another iptables tool running on the same server. Docker is a notorious culprit. Docker manages its own iptables rules and can bypass UFW entirely for container-exposed ports. If you&#8217;re running Docker, check out the Docker UFW documentation and consider using the <code class=\"\" data-line=\"\">DOCKER-USER<\/code> chain rather than relying on UFW alone for container traffic.<\/p>\n<p>Also check whether a cloud provider firewall (like a security group on a cloud VPS) is blocking traffic upstream of UFW. Two separate firewall layers both need to allow the traffic.<\/p>\n<h3>UFW Rules Look Correct But Website Isn&#8217;t Accessible<\/h3>\n<p>Confirm the web server is actually running and bound to the right interface:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-18\"><code class=\"\" data-line=\"\">sudo ss -tlnp | grep -E &#039;:80|:443&#039;<\/code><\/pre>\n<\/div>\n<p>If nothing shows up, the issue is the web server, not the firewall. UFW can&#8217;t serve traffic that isn&#8217;t there to forward.<\/p>\n<h3>sudo ufw status Shows &#8220;inactive&#8221; After Reboot<\/h3>\n<p>UFW should persist across reboots by default on Ubuntu because it&#8217;s managed by a systemd service. If it&#8217;s not starting on boot, enable the service manually:<\/p>\n<div class=\"ht-code-snippet\"><button class=\"ht-code-snippet__copy\" type=\"button\" aria-label=\"Copy code\"><\/button><span class=\"ht-code-snippet__feedback\">Copied to clipboard<\/span><\/p>\n<pre class=\"ht-code-snippet__code\" id=\"code-block-19\"><code class=\"\" data-line=\"\">sudo systemctl enable ufw\nsudo systemctl start ufw<\/code><\/pre>\n<\/div>\n<h3>Accidentally Deleted All Rules<\/h3>\n<p>If you&#8217;ve run <code class=\"\" data-line=\"\">sudo ufw reset<\/code> without thinking (it wipes all rules and disables UFW), your server will be temporarily open on all ports. Re-add your rules starting from Step 3 above and re-enable UFW. Backups of your ruleset live in <code class=\"\" data-line=\"\">\/etc\/ufw\/<\/code> \u2014 if you&#8217;ve made backups of those files, you can restore them before running <code class=\"\" data-line=\"\">sudo ufw reload<\/code>.<\/p>\n<h2>FAQ<\/h2>\n<div class=\"ht-faq-section\">\n<h2>Frequently Asked Questions<\/h2>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">Does UFW replace iptables on Ubuntu?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>No. UFW is a front-end that writes iptables rules for you. The rules are still applied through iptables (or nftables on Ubuntu 22.04+) in the background. If you check <code class=\"\" data-line=\"\">sudo iptables -L<\/code> after setting up UFW, you&#8217;ll see the rules UFW generated. This also means tools that directly manipulate iptables, like Docker, can interact with or bypass UFW rules.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">Is UFW enabled by default on Ubuntu?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>UFW is installed by default on Ubuntu but it&#8217;s disabled out of the box. Many cloud and VPS images, including ones used at Host &amp; Tech, ship with UFW inactive so you can configure rules before locking yourself out. Always check <code class=\"\" data-line=\"\">sudo ufw status<\/code> on a fresh server before assuming it&#8217;s protected.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">How do I allow a port range in UFW?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>Use a colon to specify a range and include the protocol, which is required for ranges. For example, to allow ports 6000 through 6100 over TCP: <code class=\"\" data-line=\"\">sudo ufw allow 6000:6100\/tcp<\/code>. Without specifying <code class=\"\" data-line=\"\">\/tcp<\/code> or <code class=\"\" data-line=\"\">\/udp<\/code>, UFW will reject the range rule with a syntax error.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">Will enabling UFW affect my running website or application?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>It can, if you haven&#8217;t added the right allow rules first. UFW&#8217;s default deny-incoming policy will block HTTP (80) and HTTPS (443) traffic unless you explicitly allow those ports before enabling it. Always set up your rules in full before running <code class=\"\" data-line=\"\">sudo ufw enable<\/code>.<\/p>\n<\/div>\n<\/div>\n<div class=\"ht-faq-item\">\n<h3 class=\"ht-faq-question\">Can I use UFW on a managed WordPress hosting plan?<\/h3>\n<div class=\"ht-faq-answer\">\n<p>If you&#8217;re on a Host &amp; Tech managed WordPress hosting plan, the server-level firewall is handled for you and you won&#8217;t have direct root access to configure UFW yourself. UFW configuration is relevant for VPS and dedicated server plans where you have full root access to the operating system.<\/p>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>UFW (Uncomplicated Firewall) is the fastest way to lock down an Ubuntu server without wrestling with raw iptables rules. This guide walks you through setup, common port rules, and the mistakes that can lock you out of your own server.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[49],"tags":[74,75,21,20,15,76,205,19],"class_list":["post-147","post","type-post","status-publish","format-standard","hentry","category-linux","tag-firewall","tag-iptables","tag-linux-security","tag-server-hardening","tag-ubuntu","tag-ufw","tag-ufw-firewall-ubuntu","tag-vps-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)<\/title>\n<meta name=\"description\" content=\"Learn how to configure UFW firewall on Ubuntu to secure your VPS or server. Step-by-step setup, rules, and troubleshooting for 2026.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)\" \/>\n<meta property=\"og:description\" content=\"Learn how to configure UFW firewall on Ubuntu to secure your VPS or server. Step-by-step setup, rules, and troubleshooting for 2026.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/\" \/>\n<meta property=\"og:site_name\" content=\"Host And Tech knowledge base\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/stshostandtech\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-27T06:28:02+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@stshostandtech\" \/>\n<meta name=\"twitter:site\" content=\"@stshostandtech\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/person\\\/b6fa79c48ddaba71af32e395c5b017ee\"},\"headline\":\"How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)\",\"datePublished\":\"2026-05-27T06:28:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/\"},\"wordCount\":1305,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#organization\"},\"keywords\":[\"firewall\",\"iptables\",\"Linux security\",\"server hardening\",\"Ubuntu\",\"ufw\",\"UFW firewall Ubuntu\",\"VPS security\"],\"articleSection\":[\"Linux Server\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/\",\"name\":\"How to Configure UFW Firewall on Ubuntu (VPS & Dedicated Server Guide)\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#website\"},\"datePublished\":\"2026-05-27T06:28:02+00:00\",\"description\":\"Learn how to configure UFW firewall on Ubuntu to secure your VPS or server. Step-by-step setup, rules, and troubleshooting for 2026.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/linux\\\/how-to-configure-ufw-firewall-ubuntu\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#website\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/\",\"name\":\"Host And Tech knowledge base\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#organization\",\"name\":\"Host And Tech knowledge base\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/logo-dark.png\",\"contentUrl\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/wp-content\\\/uploads\\\/2026\\\/05\\\/logo-dark.png\",\"width\":1134,\"height\":395,\"caption\":\"Host And Tech knowledge base\"},\"image\":{\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/stshostandtech\",\"https:\\\/\\\/x.com\\\/stshostandtech\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/#\\\/schema\\\/person\\\/b6fa79c48ddaba71af32e395c5b017ee\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/hostandtech.com\\\/kb\"],\"url\":\"https:\\\/\\\/hostandtech.com\\\/kb\\\/author\\\/admin_fjj7qydm\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"How to Configure UFW Firewall on Ubuntu (VPS & Dedicated Server Guide)","description":"Learn how to configure UFW firewall on Ubuntu to secure your VPS or server. Step-by-step setup, rules, and troubleshooting for 2026.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/","og_locale":"en_US","og_type":"article","og_title":"How to Configure UFW Firewall on Ubuntu (VPS & Dedicated Server Guide)","og_description":"Learn how to configure UFW firewall on Ubuntu to secure your VPS or server. Step-by-step setup, rules, and troubleshooting for 2026.","og_url":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/","og_site_name":"Host And Tech knowledge base","article_publisher":"https:\/\/www.facebook.com\/stshostandtech","article_published_time":"2026-05-27T06:28:02+00:00","author":"admin","twitter_card":"summary_large_image","twitter_creator":"@stshostandtech","twitter_site":"@stshostandtech","twitter_misc":{"Written by":"admin","Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/#article","isPartOf":{"@id":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/"},"author":{"name":"admin","@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/person\/b6fa79c48ddaba71af32e395c5b017ee"},"headline":"How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)","datePublished":"2026-05-27T06:28:02+00:00","mainEntityOfPage":{"@id":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/"},"wordCount":1305,"commentCount":0,"publisher":{"@id":"https:\/\/hostandtech.com\/kb\/#organization"},"keywords":["firewall","iptables","Linux security","server hardening","Ubuntu","ufw","UFW firewall Ubuntu","VPS security"],"articleSection":["Linux Server"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/","url":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/","name":"How to Configure UFW Firewall on Ubuntu (VPS & Dedicated Server Guide)","isPartOf":{"@id":"https:\/\/hostandtech.com\/kb\/#website"},"datePublished":"2026-05-27T06:28:02+00:00","description":"Learn how to configure UFW firewall on Ubuntu to secure your VPS or server. Step-by-step setup, rules, and troubleshooting for 2026.","breadcrumb":{"@id":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hostandtech.com\/kb\/linux\/how-to-configure-ufw-firewall-ubuntu\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hostandtech.com\/kb\/"},{"@type":"ListItem","position":2,"name":"How to Configure UFW Firewall on Ubuntu (VPS &amp; Dedicated Server Guide)"}]},{"@type":"WebSite","@id":"https:\/\/hostandtech.com\/kb\/#website","url":"https:\/\/hostandtech.com\/kb\/","name":"Host And Tech knowledge base","description":"","publisher":{"@id":"https:\/\/hostandtech.com\/kb\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hostandtech.com\/kb\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/hostandtech.com\/kb\/#organization","name":"Host And Tech knowledge base","url":"https:\/\/hostandtech.com\/kb\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/logo\/image\/","url":"https:\/\/hostandtech.com\/kb\/wp-content\/uploads\/2026\/05\/logo-dark.png","contentUrl":"https:\/\/hostandtech.com\/kb\/wp-content\/uploads\/2026\/05\/logo-dark.png","width":1134,"height":395,"caption":"Host And Tech knowledge base"},"image":{"@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/stshostandtech","https:\/\/x.com\/stshostandtech"]},{"@type":"Person","@id":"https:\/\/hostandtech.com\/kb\/#\/schema\/person\/b6fa79c48ddaba71af32e395c5b017ee","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/aa1edac8bbadb442e059a5b65ad45a3b2e3ce689202373b96e3e567517ae4b39?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/hostandtech.com\/kb"],"url":"https:\/\/hostandtech.com\/kb\/author\/admin_fjj7qydm\/"}]}},"_links":{"self":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/posts\/147","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/comments?post=147"}],"version-history":[{"count":0,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/posts\/147\/revisions"}],"wp:attachment":[{"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/media?parent=147"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/categories?post=147"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostandtech.com\/kb\/wp-json\/wp\/v2\/tags?post=147"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}