How To Secure Linux Server With UFW | Netdata IT Tutorial

How to Secure a Linux Server with UFW

UFW, or Uncomplicated Firewall, is an interface on the Linux OS that makes it easy for users to configure a firewall on a Linux server.

A firewall prevents unwanted access to a local network connection.

Firewalls also allow us to trace connections, so that we can decide whether to let a connection continue or reject it.

By default Linux has its own firewall system in the form of Netfilter and iptables. However, their configuration is quite complicated, so we use UFW to make configuring the firewall easier.

Install UFW on Ubuntu

Below we use an Ubuntu virtual machine as an example. Before using UFW for the first time, we have to install it with the package manager. To install it, type the following command:

$ sudo apt-get install ufw

Once it is installed, check whether UFW is present on the system and see its current state by typing:

$ sudo ufw status

Or by using

$ sudo ufw status verbose

The picture above shows that UFW is still not active, so we need to do a basic configuration.

The first basic configuration step is to block incoming and allow outgoing traffic, so that packets coming in to our server are blocked while packets going out are allowed. Enter the following commands:

$ sudo ufw default deny incoming

$ sudo ufw default allow outgoing

Allow SSH services

After that you also need to allow the services you want to use. In this example we treat the Linux server as if it were a VPS or cloud service, so it needs remote access over SSH. To allow the SSH service, run the following commands:

$ sudo ufw allow ssh

$ sudo ufw allow 22/tcp

$ sudo ufw enable

After the basic configuration, we need to check whether the UFW service is running:

$ sudo ufw status verbose
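
A check for the state reached at this point, as an added example that is not part of the original tutorial: the function below parses the text printed by `sudo ufw status verbose` and confirms that UFW is active, incoming is denied by default, outgoing is allowed, and SSH is allowed. The function name and both sample outputs are constructed for illustration, and English ufw output is assumed.

```shell
# Added example, not from the original tutorial. Assumes English ufw output.
# Reads `ufw status verbose` text on stdin; returns 1 if any check fails.
audit_ufw_status() {
    awk '
        /^Status:/  { active = ($2 == "active") }
        # e.g. "Default: deny (incoming), allow (outgoing), disabled (routed)"
        /^Default:/ { ipol = $2; opol = $4 }
        # Rule rows look like "22/tcp    ALLOW IN    Anywhere"
        ($1 == "22/tcp" || $1 == "22") && ($2 == "ALLOW" || $2 == "LIMIT") { ssh = 1 }
        END {
            if (!active) { print "FAIL: ufw is not active"; exit 1 }
            if (ipol != "deny" && ipol != "reject") {
                print "FAIL: default incoming policy is " ipol; bad = 1 }
            if (opol != "allow") {
                print "FAIL: default outgoing policy is " opol ", expected allow"; bad = 1 }
            if (!ssh) { print "FAIL: no rule allows SSH on port 22"; bad = 1 }
            if (!bad) print "OK: ufw active, incoming denied, outgoing allowed, SSH allowed"
            exit bad + 0
        }'
}

# Constructed sample: the state this tutorial aims for.
sample_good() { cat <<'EOF'
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)
EOF
}

# Constructed sample: outgoing denied by mistake and SSH never allowed.
sample_bad() { cat <<'EOF'
Status: active
Default: deny (incoming), deny (outgoing), disabled (routed)

To                         Action      From
--                         ------      ----
80/tcp                     ALLOW IN    Anywhere
EOF
}
sample_good | audit_ufw_status
sample_bad | audit_ufw_status || true
```

On a real server, pipe the live output into it: `sudo ufw status verbose | audit_ufw_status`.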

Check Services That Have Not Been Allowed

On this server, I have allowed several services as illustrated below:

To confirm that UFW is working, try a service that has not been allowed. For example, we have not allowed the telnet, http, mysql, and 8080 services. The IP of this server is 192.168.88.252.

Copy the server IP into the address bar of your browser, then hit Enter. If UFW is working, the browser will keep loading without ever showing the page, which means the request is blocked by UFW.

Allow web server services

With the above command we have activated 3 services on the server.

Allow Multiple Ports At Once

We can allow multiple ports in UFW at once, which makes configuring the firewall quicker. For example, we will allow ports 1000 through 2000 in the following way:

$ sudo ufw allow 1000:2000/tcp

$ sudo ufw allow 1000:2000/udp

Allow a specific IP address

We will create a new rule for a specific IP address as follows:

$ sudo ufw allow from 192.168.88.252

The picture above shows that my IP can access the server without worrying about being blocked by UFW.

How to Delete UFW Rules

To delete a UFW rule, type a command like the following:

$ sudo ufw delete allow from 192.168.88.252

How to Reset UFW configuration

If we want to reset the UFW configuration and remove all the rules we have created, we need to enter the command below:

$ sudo ufw reset

If the UFW status is already inactive it means that UFW is no longer running on the server.

How to Deactivate the UFW Service

If you want to disable the UFW service on the server then you only need to enter the following command:

$ sudo ufw disable

That concludes this review of UFW on a Linux server. Note that UFW can only secure dedicated Linux servers.

If you want to secure the whole network, you need to use a firewall or next-generation firewall, which is the best solution for securing the network.

You can also consult NETDATA directly about network firewalls, namely on its official website www.nds.id. That's the tutorial this time; look forward to the next tutorial. Hope it's useful.
