TL;DR
This guide shows you how to create a very basic firewall rule to block all incoming connections on port 80 (standard HTTP). It’s a simple example, but it demonstrates the core principles of adding rules. We’ll use ufw, which is common on Ubuntu and Debian systems.
Steps
- Check if ufw is enabled: First, see if your firewall is already running.

      sudo ufw status

  If it’s inactive, you’ll need to enable it.
- Enable ufw (if needed): If ufw status shows ‘inactive’, run:

      sudo ufw enable

  You will likely get a warning about existing SSH connections; proceed with caution if you’re connected remotely.
- Deny incoming traffic on port 80: This is the core rule. It blocks all attempts to connect to your server on port 80 from any source.

      sudo ufw deny 80

- Verify the rule: Check that the rule has been added correctly.

      sudo ufw status numbered

  You should see a rule listed with a number, protocol (TCP), port (80), and action (DENY).
- Test the rule: From another computer, try to access your server on port 80 (e.g., by opening a web browser and going to http://your_server_ip). You should not be able to connect.
- (Optional) Allow SSH connections: If you’re accessing the server remotely via SSH, make sure you haven’t blocked SSH traffic. A common rule is:

      sudo ufw allow ssh

- (Optional) Delete a rule: If you need to remove the port 80 block, find its number using sudo ufw status numbered and then delete it.

      sudo ufw delete [rule_number]

  Replace [rule_number] with the actual number of the rule you want to remove.
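
The verify, SSH and delete steps above can be checked from the numbered status output. This is an added example, not part of the original guide: it parses constructed sample output of `sudo ufw status numbered`, confirms an SSH allow rule is present, and lists the port 80 DENY rule numbers highest first, because deleting a rule by number renumbers the rules below it. The function names `deny_rule_numbers` and `ssh_allowed` and the sample rule set (including the IPv6 entries) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: parse `ufw status numbered` output before changing rules.
# SAMPLE_STATUS is constructed sample output, not captured from a real host.
SAMPLE_STATUS='Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 22/tcp                     ALLOW IN    Anywhere
[ 2] 80                         DENY IN     Anywhere
[ 3] 22/tcp (v6)                ALLOW IN    Anywhere (v6)
[ 4] 80 (v6)                    DENY IN     Anywhere (v6)'

# Read status output on stdin; print the numbers of DENY IN rules for the
# given port (listed as "80" or "80/tcp"), highest first. Deleting in that
# order means the remaining numbers do not shift under you.
deny_rule_numbers() {
    sed -n 's/^\[ *\([0-9][0-9]*\)\] *\([^ ]*\) .*DENY IN.*/\1 \2/p' |
        awk -v p="$1" '$2 == p || $2 == (p "/tcp") { print $1 }' |
        sort -rn | tr '\n' ' ' | sed 's/ $//'
}

# Read status output on stdin; succeed only if an inbound SSH allow rule
# (port 22, 22/tcp, or the OpenSSH application profile) is listed.
ssh_allowed() {
    grep -Eq '^\[ *[0-9]+\] +(22|22/tcp|OpenSSH)( \(v6\))? +ALLOW IN'
}

# Demo on the constructed sample. On a real host, pipe in the output of
# `sudo ufw status numbered` instead of SAMPLE_STATUS.
if printf '%s\n' "$SAMPLE_STATUS" | ssh_allowed; then
    echo "SSH allow rule present"
fi
for n in $(printf '%s\n' "$SAMPLE_STATUS" | deny_rule_numbers 80); do
    echo "would run: sudo ufw delete $n"
done
```

The script only prints the delete commands it would run; it never calls ufw itself.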
Important Notes
- Security: This is a very basic example and doesn’t provide comprehensive cyber security. It’s intended for learning purposes only.
- SSH Access: Be extremely careful when modifying firewall rules, especially if you are connected remotely via SSH. Blocking SSH access can lock you out of your server.
- ufw vs iptables: ufw is a simpler interface to the more powerful iptables firewall system.

